credential

package
v0.0.4-alpha
Warning

This package is not in the latest version of its module.

Published: May 10, 2023 License: Apache-2.0 Imports: 16 Imported by: 15

Documentation

Constants

const (
	VerifiableCredentialsLinkedDataContext string = "https://www.w3.org/2018/credentials/v1"
	VerifiableCredentialType               string = "VerifiableCredential"
	VerifiableCredentialIDProperty         string = "id"
	VerifiablePresentationType             string = "VerifiablePresentation"

	BuilderEmptyError string = "builder cannot be empty"
)
const (
	VCJWTProperty string = "vc"
	VPJWTProperty string = "vp"
	NonceProperty string = "nonce"
)
const (
	VCMediaType = "application/credential+ld+json"
)

Variables

This section is empty.

Functions

func SignVerifiableCredentialJWS

func SignVerifiableCredentialJWS(signer jwx.Signer, cred VerifiableCredential) ([]byte, error)

SignVerifiableCredentialJWS is prepared according to https://transmute-industries.github.io/vc-jws/. This is currently experimental. It's unstable and subject to change. Use at your own peril.

func SignVerifiableCredentialJWT

func SignVerifiableCredentialJWT(signer jwx.Signer, cred VerifiableCredential) ([]byte, error)

SignVerifiableCredentialJWT is prepared according to https://w3c.github.io/vc-jwt/#version-1.1, which will soon be deprecated by https://w3c.github.io/vc-jwt/. See: https://github.com/TBD54566975/ssi-sdk/issues/191

func SignVerifiablePresentationJWT

func SignVerifiablePresentationJWT(signer jwx.Signer, parameters JWTVVPParameters, presentation VerifiablePresentation) ([]byte, error)

SignVerifiablePresentationJWT transforms a VP into a VP JWT and signs it according to https://w3c.github.io/vc-jwt/#version-1.1

func ToCredentialJSONMap

func ToCredentialJSONMap(genericCred any) (map[string]any, error)

ToCredentialJSONMap turns a generic cred into a JSON object

func VerifyCredentialSignature

func VerifyCredentialSignature(ctx context.Context, genericCred any, r resolution.Resolver) (bool, error)

VerifyCredentialSignature verifies the signature of a credential of any type. TODO(gabe): support other types of credentials https://github.com/TBD54566975/ssi-sdk/issues/352

func VerifyJWTCredential

func VerifyJWTCredential(cred string, r resolution.Resolver) (bool, error)

VerifyJWTCredential verifies the signature of a JWT credential after parsing it to resolve the issuer DID. The issuer DID is resolved using the provided resolver and used to find the issuer's public key matching the KID in the JWT header.

Types

type CredentialSchema

type CredentialSchema struct {
	ID   string `json:"id" validate:"required"`
	Type string `json:"type" validate:"required"`
}

type CredentialSubject

type CredentialSubject map[string]any

func (CredentialSubject) GetID

func (cs CredentialSubject) GetID() string

type DefaultCredentialStatus

type DefaultCredentialStatus struct {
	ID   string `json:"id" validate:"required"`
	Type string `json:"type" validate:"required"`
}

DefaultCredentialStatus https://www.w3.org/TR/2021/REC-vc-data-model-20211109/#status

type JWTVVPParameters

type JWTVVPParameters struct {
	// Audience is an optional audience of the JWT.
	Audience []string
	// Expiration is an optional expiration time of the JWT using the `exp` property.
	Expiration int
}

JWTVVPParameters represents additional parameters needed when constructing a JWT VP as opposed to a VP

type Prohibition

type Prohibition struct {
	Assigner string   `json:"assigner,omitempty"`
	Assignee string   `json:"assignee,omitempty"`
	Target   string   `json:"target,omitempty"`
	Action   []string `json:"action,omitempty"`
}

type RefreshService

type RefreshService struct {
	ID   string `json:"id" validate:"required"`
	Type string `json:"type" validate:"required"`
}

type TermsOfUse

type TermsOfUse struct {
	Type        string        `json:"type,omitempty"`
	ID          string        `json:"id,omitempty"`
	Profile     string        `json:"profile,omitempty"`
	Prohibition []Prohibition `json:"prohibition,omitempty"`
}

TermsOfUse: in the current version of the specification, TOU isn't well-defined; these fields are subject to change. https://www.w3.org/TR/2021/REC-vc-data-model-20211109/#terms-of-use

type VerifiableCredential

type VerifiableCredential struct {
	// Either a string or set of strings
	Context any    `json:"@context" validate:"required"`
	ID      string `json:"id,omitempty"`
	// Either a string or a set of strings https://www.w3.org/TR/2021/REC-vc-data-model-20211109/#types
	Type any `json:"type" validate:"required"`
	// either a URI or an object containing an `id` property.
	Issuer any `json:"issuer" validate:"required"`
	// https://www.w3.org/TR/xmlschema11-2/#dateTimes
	IssuanceDate     string `json:"issuanceDate" validate:"required"`
	ExpirationDate   string `json:"expirationDate,omitempty"`
	CredentialStatus any    `json:"credentialStatus,omitempty" validate:"omitempty,dive"`
	// This is where the subject's ID *may* be present
	CredentialSubject CredentialSubject `json:"credentialSubject" validate:"required"`
	CredentialSchema  *CredentialSchema `json:"credentialSchema,omitempty" validate:"omitempty,dive"`
	RefreshService    *RefreshService   `json:"refreshService,omitempty" validate:"omitempty,dive"`
	TermsOfUse        []TermsOfUse      `json:"termsOfUse,omitempty" validate:"omitempty,dive"`
	Evidence          []any             `json:"evidence,omitempty" validate:"omitempty,dive"`
	// For embedded proof support
	// Proof is a digital signature over a credential https://www.w3.org/TR/2021/REC-vc-data-model-20211109/#proofs-signatures
	Proof *crypto.Proof `json:"proof,omitempty"`
}

VerifiableCredential is the verifiable credential model outlined in the vc-data-model spec https://www.w3.org/TR/2021/REC-vc-data-model-20211109/#basic-concepts

func ParseVerifiableCredentialFromJWS

func ParseVerifiableCredentialFromJWS(token string) (*jws.Message, *VerifiableCredential, error)

ParseVerifiableCredentialFromJWS parses a JWS. Depending on the `cty` header value, it parses as a JWT or simply decodes the payload. This is currently experimental. It's unstable and subject to change. Use at your own peril.

func ParseVerifiableCredentialFromJWT

func ParseVerifiableCredentialFromJWT(token string) (jws.Headers, jwt.Token, *VerifiableCredential, error)

ParseVerifiableCredentialFromJWT decodes the JWT according to the specification (https://www.w3.org/TR/vc-data-model/#jwt-decoding). If there are any issues during decoding, an error is returned. Otherwise, a successfully decoded VerifiableCredential object is returned.
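
The JWT decoding rules referenced above map the registered claims onto credential properties: exp to expirationDate, nbf to issuanceDate, iss to issuer, jti to id, and sub to credentialSubject.id. The following is an added example, not code from this package; vcFromJWTClaims and the sample claims are hypothetical, it uses only the standard library, and it assumes the token's signature has already been verified.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// vcFromJWTClaims (hypothetical helper) rebuilds a credential from verified JWT
// claims. NumericDate claims arrive as float64 and become dateTime strings.
func vcFromJWTClaims(claims []byte) (map[string]any, error) {
	var c map[string]any
	if err := json.Unmarshal(claims, &c); err != nil {
		return nil, fmt.Errorf("decoding claims: %w", err)
	}
	vc, ok := c["vc"].(map[string]any) // the "vc" claim (VCJWTProperty)
	if !ok {
		return nil, errors.New(`claims carry no "vc" object`)
	}
	for claim, prop := range map[string]string{"exp": "expirationDate", "nbf": "issuanceDate"} {
		if n, ok := c[claim].(float64); ok {
			vc[prop] = time.Unix(int64(n), 0).UTC().Format(time.RFC3339)
		}
	}
	if iss, ok := c["iss"].(string); ok {
		if obj, isObj := vc["issuer"].(map[string]any); isObj {
			obj["id"] = iss // issuer given as an object: keep its other properties
		} else {
			vc["issuer"] = iss
		}
	}
	if jti, ok := c["jti"].(string); ok {
		vc["id"] = jti
	}
	if sub, ok := c["sub"].(string); ok {
		subj, _ := vc["credentialSubject"].(map[string]any)
		if subj == nil {
			subj = map[string]any{}
			vc["credentialSubject"] = subj
		}
		subj["id"] = sub
	}
	return vc, nil
}

func main() { // constructed claims, not taken from a real token
	fmt.Println(vcFromJWTClaims([]byte(`{"iss":"did:example:issuer","nbf":1683676800,"vc":{"type":["VerifiableCredential"]}}`)))
}
```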

func ParseVerifiableCredentialFromToken

func ParseVerifiableCredentialFromToken(token jwt.Token) (*VerifiableCredential, error)

ParseVerifiableCredentialFromToken takes a JWT object and parses it into a VerifiableCredential

func ToCredential

func ToCredential(genericCred any) (jws.Headers, jwt.Token, *VerifiableCredential, error)

ToCredential turns a generic cred into its known object model

func VCJWTJSONToVC

func VCJWTJSONToVC(vcJWTJSON []byte) (jws.Headers, jwt.Token, *VerifiableCredential, error)

VCJWTJSONToVC converts a JSON representation of a VC JWT into a VerifiableCredential

func VerifyVerifiableCredentialJWS

func VerifyVerifiableCredentialJWS(verifier jwx.Verifier, token string) (*jws.Message, *VerifiableCredential, error)

VerifyVerifiableCredentialJWS verifies the signature validity on the token and parses the token into a verifiable credential. This is currently experimental. It's unstable and subject to change. Use at your own peril.

func VerifyVerifiableCredentialJWT

func VerifyVerifiableCredentialJWT(verifier jwx.Verifier, token string) (jws.Headers, jwt.Token, *VerifiableCredential, error)

VerifyVerifiableCredentialJWT verifies the signature validity on the token and parses the token into a verifiable credential. TODO(gabe): modify this to add additional verification steps such as credential status, expiration, etc. Related to https://github.com/TBD54566975/ssi-service/issues/122
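
The TODO above lists expiration among the verification steps not yet covered, so a caller may want its own check after signature verification. The following is an added example, not part of this package: checkValidityWindow and parseDate are hypothetical helpers, the credential is taken in JSON map form (as ToCredentialJSONMap returns), and dates are assumed to be RFC 3339 strings.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// parseDate reads a dateTime property; this example assumes RFC 3339 formatting.
func parseDate(vc map[string]any, prop string) (time.Time, error) {
	s, ok := vc[prop].(string)
	if !ok {
		return time.Time{}, fmt.Errorf("%s is missing or not a string", prop)
	}
	t, err := time.Parse(time.RFC3339, s)
	if err != nil {
		return time.Time{}, fmt.Errorf("%s: %w", prop, err)
	}
	return t, nil
}

// checkValidityWindow (hypothetical helper) is meant to run after the signature
// check, on the credential's JSON map form.
func checkValidityWindow(vc map[string]any, now time.Time) error {
	issued, err := parseDate(vc, "issuanceDate") // required property
	if err != nil {
		return err
	}
	if issued.After(now) {
		return errors.New("credential is not yet valid")
	}
	if _, present := vc["expirationDate"]; !present {
		return nil // expirationDate is optional
	}
	expires, err := parseDate(vc, "expirationDate")
	if err != nil {
		return err // fail closed: an unreadable expiry is not "no expiry"
	}
	if !now.Before(expires) {
		return errors.New("credential has expired")
	}
	return nil
}

func main() { // constructed credential fields, not from a real credential
	vc := map[string]any{"issuanceDate": "2023-05-10T00:00:00Z", "expirationDate": "2024-05-10T00:00:00Z"}
	fmt.Println(checkValidityWindow(vc, time.Now()))
}
```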

func (*VerifiableCredential) GetProof

func (v *VerifiableCredential) GetProof() *crypto.Proof

func (*VerifiableCredential) IsEmpty

func (v *VerifiableCredential) IsEmpty() bool

func (*VerifiableCredential) IsValid

func (v *VerifiableCredential) IsValid() error

func (*VerifiableCredential) SetProof

func (v *VerifiableCredential) SetProof(p *crypto.Proof)

type VerifiableCredentialBuilder

type VerifiableCredentialBuilder struct {
	*VerifiableCredential
	// contains filtered or unexported fields
}

VerifiableCredentialBuilder uses the builder pattern to construct a verifiable credential

func NewVerifiableCredentialBuilder

func NewVerifiableCredentialBuilder() VerifiableCredentialBuilder

NewVerifiableCredentialBuilder returns an initialized credential builder with some default fields populated

func (*VerifiableCredentialBuilder) AddContext

func (vcb *VerifiableCredentialBuilder) AddContext(context any) error

func (*VerifiableCredentialBuilder) AddType

func (vcb *VerifiableCredentialBuilder) AddType(t any) error

func (*VerifiableCredentialBuilder) Build

Build attempts to turn a builder into a valid verifiable credential, doing some object model validation. Schema validation and proof generation must be done separately.

func (*VerifiableCredentialBuilder) IsEmpty

func (vcb *VerifiableCredentialBuilder) IsEmpty() bool

func (*VerifiableCredentialBuilder) SetCredentialSchema

func (vcb *VerifiableCredentialBuilder) SetCredentialSchema(schema CredentialSchema) error

func (*VerifiableCredentialBuilder) SetCredentialStatus

func (vcb *VerifiableCredentialBuilder) SetCredentialStatus(status any) error

func (*VerifiableCredentialBuilder) SetCredentialSubject

func (vcb *VerifiableCredentialBuilder) SetCredentialSubject(subject CredentialSubject) error

func (*VerifiableCredentialBuilder) SetEvidence

func (vcb *VerifiableCredentialBuilder) SetEvidence(evidence []any) error

func (*VerifiableCredentialBuilder) SetExpirationDate

func (vcb *VerifiableCredentialBuilder) SetExpirationDate(dateTime string) error

func (*VerifiableCredentialBuilder) SetID

func (vcb *VerifiableCredentialBuilder) SetID(id string) error

func (*VerifiableCredentialBuilder) SetIssuanceDate

func (vcb *VerifiableCredentialBuilder) SetIssuanceDate(dateTime string) error

func (*VerifiableCredentialBuilder) SetIssuer

func (vcb *VerifiableCredentialBuilder) SetIssuer(issuer any) error

func (*VerifiableCredentialBuilder) SetRefreshService

func (vcb *VerifiableCredentialBuilder) SetRefreshService(refreshService RefreshService) error

func (*VerifiableCredentialBuilder) SetTermsOfUse

func (vcb *VerifiableCredentialBuilder) SetTermsOfUse(terms []TermsOfUse) error

type VerifiablePresentation

type VerifiablePresentation struct {
	// Either a string or set of strings
	Context any    `json:"@context,omitempty"`
	ID      string `json:"id,omitempty"`
	Holder  string `json:"holder,omitempty"`
	Type    any    `json:"type" validate:"required"`
	// an optional field as a part of https://identity.foundation/presentation-exchange/#embed-targets
	PresentationSubmission any `json:"presentation_submission,omitempty"`
	// Verifiable credential could be our object model, a JWT, or any other valid credential representation
	VerifiableCredential []any         `json:"verifiableCredential,omitempty"`
	Proof                *crypto.Proof `json:"proof,omitempty"`
}

VerifiablePresentation https://www.w3.org/TR/2021/REC-vc-data-model-20211109/#presentations-0

func ParseVerifiablePresentationFromJWT

func ParseVerifiablePresentationFromJWT(token string) (jws.Headers, jwt.Token, *VerifiablePresentation, error)

ParseVerifiablePresentationFromJWT decodes the JWT according to the specification (https://www.w3.org/TR/vc-data-model/#jwt-decoding). If there are any issues during decoding, an error is returned. Otherwise, a successfully decoded VerifiablePresentation object is returned.

func VerifyVerifiablePresentationJWT

func VerifyVerifiablePresentationJWT(ctx context.Context, verifier jwx.Verifier, r resolution.Resolver, token string) (jws.Headers, jwt.Token, *VerifiablePresentation, error)

VerifyVerifiablePresentationJWT verifies the signature validity on the token. Then, the JWT is decoded according to the specification (https://www.w3.org/TR/vc-data-model/#jwt-decoding). After decoding, the signature of each credential in the presentation is verified. If there are any issues during decoding or signature validation, an error is returned. Otherwise, a successfully decoded VerifiablePresentation object is returned.

func (*VerifiablePresentation) GetProof

func (v *VerifiablePresentation) GetProof() *crypto.Proof

func (*VerifiablePresentation) IsEmpty

func (v *VerifiablePresentation) IsEmpty() bool

func (*VerifiablePresentation) IsValid

func (v *VerifiablePresentation) IsValid() error

func (*VerifiablePresentation) SetProof

func (v *VerifiablePresentation) SetProof(p *crypto.Proof)

type VerifiablePresentationBuilder

type VerifiablePresentationBuilder struct {
	*VerifiablePresentation
	// contains filtered or unexported fields
}

VerifiablePresentationBuilder uses the builder pattern to construct a verifiable presentation

func NewVerifiablePresentationBuilder

func NewVerifiablePresentationBuilder() VerifiablePresentationBuilder

NewVerifiablePresentationBuilder returns an initialized credential builder with some default fields populated

func (*VerifiablePresentationBuilder) AddContext

func (vpb *VerifiablePresentationBuilder) AddContext(context any) error

func (*VerifiablePresentationBuilder) AddType

func (vpb *VerifiablePresentationBuilder) AddType(t any) error

func (*VerifiablePresentationBuilder) AddVerifiableCredentials

func (vpb *VerifiablePresentationBuilder) AddVerifiableCredentials(creds ...any) error

AddVerifiableCredentials appends the given credentials to the verifiable presentation. It does not check for duplicates.

func (*VerifiablePresentationBuilder) Build

Build attempts to turn a builder into a valid verifiable credential, doing some object model validation. Schema validation and proof generation must be done separately.

func (*VerifiablePresentationBuilder) IsEmpty

func (vpb *VerifiablePresentationBuilder) IsEmpty() bool

func (*VerifiablePresentationBuilder) SetHolder

func (vpb *VerifiablePresentationBuilder) SetHolder(holder string) error

func (*VerifiablePresentationBuilder) SetID

func (*VerifiablePresentationBuilder) SetPresentationSubmission

func (vpb *VerifiablePresentationBuilder) SetPresentationSubmission(ps any) error
