integrity

package
v0.0.0-...-f93f300 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 29, 2023 License: Apache-2.0 Imports: 15 Imported by: 4

Documentation

Index

Constants

View Source
const (
	VCJWTProperty string = "vc"
	VPJWTProperty string = "vp"
	NonceProperty string = "nonce"
)
View Source
const (
	VCMediaType = "application/credential+ld+json"
)

Variables

This section is empty.

Functions

func JWTClaimSetFromVC

func JWTClaimSetFromVC(cred credential.VerifiableCredential) (jwt.Token, error)

JWTClaimSetFromVC create a JWT claimset from the given cred according to https://w3c.github.io/vc-jwt/#version-1.1.

func ParseVerifiableCredentialFromJWS

func ParseVerifiableCredentialFromJWS(token string) (*jws.Message, *credential.VerifiableCredential, error)

ParseVerifiableCredentialFromJWS parses a JWS. Depending on the `cty` header value, it parses as a JWT or simply decodes the payload. This is currently an experimental. It's unstable and subject to change. Use at your own peril.

func ParseVerifiableCredentialFromJWT

func ParseVerifiableCredentialFromJWT(token string) (jws.Headers, jwt.Token, *credential.VerifiableCredential, error)

ParseVerifiableCredentialFromJWT the JWT is decoded according to the specification. https://www.w3.org/TR/vc-data-model/#jwt-decoding If there are any issues during decoding, an error is returned. As a result, a successfully decoded VerifiableCredential object is returned.

func ParseVerifiableCredentialFromToken

func ParseVerifiableCredentialFromToken(token jwt.Token) (*credential.VerifiableCredential, error)

ParseVerifiableCredentialFromToken takes a JWT object and parses it into a VerifiableCredential

func ParseVerifiablePresentationFromJWT

func ParseVerifiablePresentationFromJWT(token string) (jws.Headers, jwt.Token, *credential.VerifiablePresentation, error)

ParseVerifiablePresentationFromJWT the JWT is decoded according to the specification. https://www.w3.org/TR/vc-data-model/#jwt-decoding If there are any issues during decoding, an error is returned. As a result, a successfully decoded VerifiablePresentation object is returned.

func SignVerifiableCredentialJWS

func SignVerifiableCredentialJWS(signer jwx.Signer, cred credential.VerifiableCredential) ([]byte, error)

SignVerifiableCredentialJWS is prepared according to https://transmute-industries.github.io/vc-jws/. This is currently an experimental. It's unstable and subject to change. Use at your own peril.

func SignVerifiableCredentialJWT

func SignVerifiableCredentialJWT(signer jwx.Signer, cred credential.VerifiableCredential) ([]byte, error)

SignVerifiableCredentialJWT is prepared according to https://w3c.github.io/vc-jwt/#version-1.1 which will soon be deprecated by https://w3c.github.io/vc-jwt/ see: https://github.com/cyware/ssi-sdk/issues/191

func SignVerifiablePresentationJWT

func SignVerifiablePresentationJWT(signer jwx.Signer, parameters *JWTVVPParameters, presentation credential.VerifiablePresentation) ([]byte, error)

SignVerifiablePresentationJWT transforms a VP into a VP JWT and signs it According to https://w3c.github.io/vc-jwt/#version-1.1

func VerifyCredentialSignature

func VerifyCredentialSignature(ctx context.Context, genericCred any, r resolution.Resolver) (bool, error)

VerifyCredentialSignature verifies the signature of a credential of any type TODO(gabe) support other types of credentials https://github.com/cyware/ssi-sdk/issues/352

func VerifyDataIntegrityCredential

func VerifyDataIntegrityCredential(_ context.Context, cred credential.VerifiableCredential, _ resolution.Resolver) (bool, error)

VerifyDataIntegrityCredential verifies the signature of a Data Integrity credential TODO(gabe): https://github.com/cyware/ssi-sdk/issues/196

func VerifyJWTCredential

func VerifyJWTCredential(ctx context.Context, cred string, r resolution.Resolver) (bool, error)

VerifyJWTCredential verifies the signature of a JWT credential after parsing it to resolve the issuer DID The issuer DID is resolution from the provided resolution, and used to find the issuer's public key matching the KID in the JWT header.

func VerifyJWTPresentation

func VerifyJWTPresentation(ctx context.Context, pres string, r resolution.Resolver) (bool, error)

VerifyJWTPresentation verifies the signature of a JWT presentation after parsing it to resolve the issuer DID The issuer DID is resolution from the provided resolution, and used to find the issuer's public key matching the KID in the JWT header.

func VerifyVerifiableCredentialJWS

func VerifyVerifiableCredentialJWS(verifier jwx.Verifier, token string) (*jws.Message, *credential.VerifiableCredential, error)

VerifyVerifiableCredentialJWS verifies the signature validity on the token and parses the token in a verifiable credential. This is currently an experimental. It's unstable and subject to change. Use at your own peril.

func VerifyVerifiableCredentialJWT

func VerifyVerifiableCredentialJWT(verifier jwx.Verifier, token string) (jws.Headers, jwt.Token, *credential.VerifiableCredential, error)

VerifyVerifiableCredentialJWT verifies the signature validity on the token and parses the token in a verifiable credential. TODO(gabe) modify this to add additional validation steps such as credential status, expiration, etc. related to https://github.com/cyware/ssi-service/issues/122

func VerifyVerifiablePresentationJWT

func VerifyVerifiablePresentationJWT(ctx context.Context, verifier jwx.Verifier, r resolution.Resolver, token string) (jws.Headers, jwt.Token, *credential.VerifiablePresentation, error)

VerifyVerifiablePresentationJWT verifies the signature validity on the token. Then, the JWT is decoded according to the specification: https://www.w3.org/TR/vc-data-model/#jwt-decoding After decoding the signature of each credential in the presentation is verified. If there are any issues during decoding or signature validation, an error is returned. As a result, a successfully decoded VerifiablePresentation object is returned.

Types

type JWTVVPParameters

type JWTVVPParameters struct {
	// Audience is an optional audience of the JWT.
	Audience []string
	// Expiration is an optional expiration time of the JWT using the `exp` property.
	Expiration int
}

JWTVVPParameters represents additional parameters needed when constructing a JWT VP as opposed to a VP

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL