From ec8064298676d7108e7ad5f35238c6f708077c88 Mon Sep 17 00:00:00 2001
From: Sam Hellawell
Date: Tue, 23 Apr 2024 20:07:45 +0100
Subject: [PATCH 1/3] Skip schema check for anoncreds derived credentials
---
 package.json | 2 +-
 src/utils/vc/credentials.js | 19 ++++++++++++++++++-
 src/utils/vc/custom_crypto.js | 4 ++++
 3 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/package.json b/package.json
index 25e3d3ccb..b6b6a05c2 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@docknetwork/sdk",
- "version": "8.1.2",
+ "version": "8.1.3",
 "main": "index.js",
 "license": "MIT",
 "repository": {
diff --git a/src/utils/vc/credentials.js b/src/utils/vc/credentials.js
index ad76c99ed..448233d93 100644
--- a/src/utils/vc/credentials.js
+++ b/src/utils/vc/credentials.js
@@ -40,6 +40,11 @@ import {
 Bls12381BBSSignatureDock2023,
 Bls12381BBSSignatureProofDock2023,
 JsonWebSignature2020,
+ Bls12381PSSigDockSigName,
+ Bls12381BBSSigDockSigName,
+ Bls12381BBS23SigDockSigName,
+ Bls12381BDDT16MacDockName,
+ Bls12381BDDT16MacProofDockName,
 } from './custom_crypto';
 import { signJWS } from './jws';
 import Bls12381BDDT16MACProofDock2024 from './crypto/Bls12381BDDT16MACProofDock2024';
@@ -68,6 +73,17 @@ function dateStringToTimestamp(dateStr) {
 return Math.floor(Date.parse(dateStr) / 1000);
 }
+export function isAnoncredsProofType(verifiableCredential) {
+ const proofType = verifiableCredential.proof && verifiableCredential.proof.type;
+ return (
+ proofType === Bls12381BBSSigDockSigName
+ || proofType === Bls12381BBS23SigDockSigName
+ || proofType === Bls12381BDDT16MacDockName
+ || proofType === Bls12381BDDT16MacProofDockName
+ || proofType === Bls12381PSSigDockSigName
+ );
+}
+
 export function formatToJWTPayload(keyDoc, cred) {
 const kid = keyDoc.id;
 const credentialIssuer = cred.issuer;
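Review bot: `isAnoncredsProofType` matches issuer signature types as well as derived-proof types, so the schema check it gates is skipped for more than the derived credentials named in the subject line. Of the five names compared here only `Bls12381BDDT16MacProofDockName` reads as a derived-proof type; the `[PATCH 3/3]` hunk on this function adds the three `*SigProof*` names but keeps `Bls12381BBSSigDockSigName`, `Bls12381BBS23SigDockSigName`, `Bls12381PSSigDockSigName` and `Bls12381BDDT16MacDockName`. I am inferring the signature/proof split from the constant names, since their values are defined in `./crypto/constants` outside this diff. If the skip is meant only for derived credentials, compare against the proof names alone, as below (three of them are imported only by the `[PATCH 3/3]` import hunk); if full anoncreds credentials are meant to skip too, say so in a JSDoc comment on this export and give the reason.

```javascript
// Proof types that mark a derived (selectively disclosed) credential.
const ANONCREDS_DERIVED_PROOF_TYPES = new Set([
  Bls12381BBSSigProofDockSigName,
  Bls12381BBS23SigProofDockSigName,
  Bls12381PSSigProofDockSigName,
  Bls12381BDDT16MacProofDockName,
]);

export function isAnoncredsProofType(verifiableCredential) {
  const proofType = verifiableCredential.proof && verifiableCredential.proof.type;
  return ANONCREDS_DERIVED_PROOF_TYPES.has(proofType);
}
```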
@@ -293,7 +309,8 @@ export async function verifyCredential(
 documentLoader: docLoader,
 });
- if (!skipSchemaCheck) {
+ const isAnoncredsDerived = isAnoncredsProofType(credential);
+ if (!skipSchemaCheck && !isAnoncredsDerived) {
 await getAndValidateSchemaIfPresent(
 expandedCredential,
 credential[credentialContextField],
diff --git a/src/utils/vc/custom_crypto.js b/src/utils/vc/custom_crypto.js
index a7feb8f73..5e2265c7e 100644
--- a/src/utils/vc/custom_crypto.js
+++ b/src/utils/vc/custom_crypto.js
@@ -14,6 +14,8 @@ import {
 Bls12381PSDockVerKeyName,
 Bls12381PSSigDockSigName,
 Bls12381PSSigProofDockSigName,
+ Bls12381BDDT16MacDockName,
+ Bls12381BDDT16MacProofDockName,
 } from './crypto/constants';
 import EcdsaSecp256k1VerificationKey2019 from './crypto/EcdsaSecp256k1VerificationKey2019';
@@ -58,5 +60,7 @@ export {
 Bls12381PSDockVerKeyName,
 Bls12381PSSigDockSigName,
 Bls12381PSSigProofDockSigName,
+ Bls12381BDDT16MacDockName,
+ Bls12381BDDT16MacProofDockName,
 JsonWebSignature2020,
 };
From f4b4d21ea8f1a205e9a8c6bac095d85177739db4 Mon Sep 17 00:00:00 2001
From: Sam Hellawell
Date: Thu, 25 Apr 2024 19:32:58 +0100
Subject: [PATCH 2/3] Add note
---
 src/utils/vc/credentials.js | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/utils/vc/credentials.js b/src/utils/vc/credentials.js
index 448233d93..65cd4263b 100644
--- a/src/utils/vc/credentials.js
+++ b/src/utils/vc/credentials.js
@@ -309,6 +309,9 @@ export async function verifyCredential(
 documentLoader: docLoader,
 });
+ // Determine if we should validate the schema when verifying
+ // NOTE: derived anoncreds do not need JSON schema validation as the anoncreds library validates it
+ // and it can fail when required attributes are not revealed
 const isAnoncredsDerived = isAnoncredsProofType(credential);
 if (!skipSchemaCheck && !isAnoncredsDerived) {
 await getAndValidateSchemaIfPresent(
From 0d0d4971fa6c1972a86a8e68b673f97bede5ab93 Mon Sep 17 00:00:00 2001
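Review bot: With the new condition in the `@@ -293,7 +309,8 @@` hunk, a caller who passes `skipSchemaCheck: false` still gets no schema validation for the listed proof types, and nothing in the hunk records that the check was skipped. The decision is read from `credential.proof.type` on the input document, so it is worth confirming (proof verification itself is outside this hunk) that these types can only verify through the anoncreds path that the `[PATCH 2/3]` comment relies on. Skipping the whole call also drops the type and range constraints on attributes that are revealed, not just `required`; if the anoncreds library does not cover those, validating the revealed attributes with `required` relaxed would keep them. At minimum the `skipSchemaCheck` parameter documentation should state the exception, e.g. `// schema validation is always skipped for anoncreds proof types, see isAnoncredsProofType`. The body of verifyCredential starts and ends outside the hunk.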
From: Sam Hellawell
Date: Thu, 25 Apr 2024 20:43:06 +0100
Subject: [PATCH 3/3] Update derived test to add required fields
---
 src/utils/vc/credentials.js | 6 ++++++
 tests/integration/anoncreds/derived-credentials.test.js | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/utils/vc/credentials.js b/src/utils/vc/credentials.js
index 65cd4263b..024fc2974 100644
--- a/src/utils/vc/credentials.js
+++ b/src/utils/vc/credentials.js
@@ -39,9 +39,12 @@ import {
 Bls12381BBSSignatureProofDock2022,
 Bls12381BBSSignatureDock2023,
 Bls12381BBSSignatureProofDock2023,
+ Bls12381BBS23SigProofDockSigName,
+ Bls12381PSSigProofDockSigName,
 JsonWebSignature2020,
 Bls12381PSSigDockSigName,
 Bls12381BBSSigDockSigName,
+ Bls12381BBSSigProofDockSigName,
 Bls12381BBS23SigDockSigName,
 Bls12381BDDT16MacDockName,
 Bls12381BDDT16MacProofDockName,
@@ -77,6 +80,9 @@ export function isAnoncredsProofType(verifiableCredential) {
 const proofType = verifiableCredential.proof && verifiableCredential.proof.type;
 return (
 proofType === Bls12381BBSSigDockSigName
+ || proofType === Bls12381BBSSigProofDockSigName
+ || proofType === Bls12381BBS23SigProofDockSigName
+ || proofType === Bls12381PSSigProofDockSigName
 || proofType === Bls12381BBS23SigDockSigName
 || proofType === Bls12381BDDT16MacDockName
 || proofType === Bls12381BDDT16MacProofDockName
diff --git a/tests/integration/anoncreds/derived-credentials.test.js b/tests/integration/anoncreds/derived-credentials.test.js
index 399405fed..08eba8db4 100644
--- a/tests/integration/anoncreds/derived-credentials.test.js
+++ b/tests/integration/anoncreds/derived-credentials.test.js
@@ -67,7 +67,7 @@ const residentCardSchema = {
 minimum: 0,
 },
 },
- required: [],
+ required: ['givenName', 'familyName', 'lprNumber'],
 },
 },
 };
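Review bot: The fixture now declares required fields, but nothing in this series shows a test for the opposite direction, that verifyCredential still rejects a schema violation when the proof type is not one of the anoncreds names. Since `[PATCH 1/3]` changes when `getAndValidateSchemaIfPresent` runs, a regression test that verifies a credential with a missing required field under a non-anoncreds proof type and expects failure would pin the boundary of the skip. The `residentCardSchema` object starts outside the hunk and the rest of this test file is not visible, so such a test may already exist elsewhere.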