From 4e35622d92f83df5f08ac2e78c128a76c320ff68 Mon Sep 17 00:00:00 2001
From: Markus Gylling
Date: Thu, 15 Sep 2022 13:59:33 +0200
Subject: [PATCH] Update ob and clr schemas (renders from unifiedmodel)
---
 .../java/org/oneedtech/inspect/vc/Credential.java | 6 +++---
 .../inspect/vc/probe/EmbeddedProofProbe.java | 12 ++++++++++++
 2 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/inspector-vc/src/main/java/org/oneedtech/inspect/vc/Credential.java b/inspector-vc/src/main/java/org/oneedtech/inspect/vc/Credential.java
index c19f703..1b3c501 100644
--- a/inspector-vc/src/main/java/org/oneedtech/inspect/vc/Credential.java
+++ b/inspector-vc/src/main/java/org/oneedtech/inspect/vc/Credential.java
@@ -70,9 +70,9 @@ public class Credential extends GeneratedObject {
 private static final Map schemas = new ImmutableMap.Builder()
 .put(AchievementCredential, Catalog.OB_30_ACHIEVEMENTCREDENTIAL_JSON)
- .put(ClrCredential, Catalog.OB_30_ACHIEVEMENTCREDENTIAL_JSON)
- .put(EndorsementCredential, Catalog.OB_30_ENDORSEMENTCREDENTIAL_JSON)
+ .put(ClrCredential, Catalog.CLR_20_CLRCREDENTIAL_JSON)
 .put(VerifiablePresentation, Catalog.CLR_20_CLRCREDENTIAL_JSON)
+ .put(EndorsementCredential, Catalog.OB_30_ENDORSEMENTCREDENTIAL_JSON)
 .build();
 /**
@@ -85,7 +85,7 @@ public class Credential extends GeneratedObject {
 public enum Type {
 AchievementCredential,
 OpenBadgeCredential, //treated as an alias of AchievementCredential
- ClrCredential, //NOT a duplicate of OB this does not use an alias and we ONLY use 'ClrCredential' as the base type
+ ClrCredential,
 EndorsementCredential,
 VerifiablePresentation,
 VerifiableCredential, //this is an underspecifier in our context
diff --git a/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/EmbeddedProofProbe.java b/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/EmbeddedProofProbe.java
index dd27d79..cafea8a 100644
--- a/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/EmbeddedProofProbe.java
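Review bot: After this change `ClrCredential` and `VerifiablePresentation` both resolve to `Catalog.CLR_20_CLRCREDENTIAL_JSON` in the `schemas` map (first hunk of Credential.java), and nothing in the hunk says whether validating a presentation against the credential schema is intended. If it is, a one-line comment on that entry such as `// VerifiablePresentation intentionally shares the ClrCredential schema` would settle the question; if it is not, schema validation for presentations checks the wrong shape and its result should not be relied on. The map also has no entry for `OpenBadgeCredential`, which the enum in the next hunk calls an alias of `AchievementCredential`; presumably the alias is resolved before the lookup, but that code is outside the diff and worth confirming.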
+++ b/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/EmbeddedProofProbe.java
@@ -34,6 +34,9 @@ public class EmbeddedProofProbe extends Probe {
 @Override
 public ReportItems run(Credential crd, RunContext ctx) throws Exception {
+ //TODO check that proof is Ed25519 - issue error if not ("type": "Ed25519Signature2020",
+ //TODO check value "proofPurpose": "assertionMethod", if not error
+
 VerifiableCredential vc = VerifiableCredential.fromJson(new StringReader(crd.getJson().toString()));
 vc.setDocumentLoader(new CachingDocumentLoader());
@@ -51,6 +54,10 @@ public class EmbeddedProofProbe extends Probe {
 // did:key:[publicKeyMultibase]
 // [publicKeyMultibase]
+ // TODO fourth format that we don't support yet: a URL that returns a Ed25519VerificationKey2020
+ // if starts with http and does not have hashcode, try fetch and see if returns Ed25519VerificationKey2020
+ // property is publicKeyMultibase
+
 if (method.toString().contains("#")) {
 publicKeyMultibase = method.getFragment();
 } else {
@@ -77,6 +84,11 @@ public class EmbeddedProofProbe extends Probe {
 Ed25519Signature2020LdVerifier verifier = new Ed25519Signature2020LdVerifier(publicKey);
+ //TODO find out whether we also should check that controller matches issuer ID:
+ // if [controller]#[publicKeyMultibase] format - check [controller] segment
+ // if did:key:[publicKeyMultibase] format: issuer ID must match the entire URI
+ // if [publicKeyMultibase] -- don't check issuer ID. Maybe we should warn about this syntax.
+
 try {
 verifier.verify(vc);
 } catch (Exception e) {
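Review bot: The two TODOs added at the top of `run` (hunk at -34) record that the proof's `type` and `proofPurpose` are not yet checked, while the rest of the method still goes on to an `Ed25519Signature2020LdVerifier` (hunk at -77). Until those checks exist, a passing result does not tell the caller that the proof was an assertion proof of the expected suite, so I would make the gap fail closed: report an error item and return before verification when `type` is not `Ed25519Signature2020` or `proofPurpose` is not `assertionMethod`. The first TODO also has an unclosed parenthesis and a trailing comma; `//TODO check that proof "type" is "Ed25519Signature2020", report an error if not` reads more cleanly. `run` continues past the end of this hunk.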
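Review bot: The planned fourth format (hunk at -51) would have the probe fetch a URL taken from the credential under inspection, and the TODO does not record the limits that fetch needs. I would write the constraint down before anyone implements it, for example `// NOTE: the URL is untrusted input; allow https only, bound time and response size, and tie the returned key's controller to the issuer`. "hashcode" in the second added line presumably means the URL fragment, matching the `contains("#")` test just below; `fragment` would be the clearer word.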
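Review bot: As the code stands after the hunk at -77, `verifier.verify(vc)` shows only that the credential was signed by the key named in its own proof; the TODO added above the `try` leaves open whether that key belongs to the issuer. For the bare `[publicKeyMultibase]` form the key is entirely self-asserted, so a passing result should not be presented as issuer authentication. I would emit a warning item for that form now rather than leave it as "Maybe we should warn", and replace the open question with a reference to a tracked issue. The `try` block is cut off at the end of the hunk, so how a verification failure is reported is not visible here.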