Media type bits

README.md

@@ -96,7 +96,7 @@ const issuerSigner = {
 const issued = await transmute
   .issuer({
     alg,
-    type: "application/vc-ld+jwt",
+    type: "application/vc+jwt",
     signer: issuerSigner,
   })
   .issue({
@@ -173,11 +173,11 @@ const validated = await transmute
         }
         if (id === `${baseURL}/credentials/status/3`) {
           return {
-            type: `application/vc-ld+jwt`,
+            type: `application/vc+jwt`,
             content: await transmute
               .issuer({
                 alg: "ES384",
-                type: "application/vc-ld+jwt",
+                type: "application/vc+jwt",
                 signer: issuerSigner,
               })
               .issue({
@@ -207,11 +207,11 @@ credentialSubject:
         }
         if (id === `${baseURL}/credentials/status/4`) {
           return {
-            type: `application/vc-ld+jwt`,
+            type: `application/vc+jwt`,
             content: await transmute
               .issuer({
                 alg: "ES384",
-                type: "application/vc-ld+jwt",
+                type: "application/vc+jwt",
                 signer: issuerSigner,
               })
               .issue({
@@ -239,7 +239,7 @@ credentialSubject:
               }),
           };
         }
-        if (content != undefined && type === `application/vc-ld+jwt`) {
+        if (content != undefined && type === `application/vc+jwt`) {
           const { kid } = jose.decodeProtectedHeader(
             transmute.text.decoder.decode(content)
           );
@@ -256,7 +256,7 @@ credentialSubject:
     },
   })
   .validate({
-    type: "application/vc-ld+jwt",
+    type: "application/vc+jwt",
     content: issued,
   });
 
@@ -272,7 +272,7 @@ credentialSubject:
 const presentation = await transmute
   .holder({
     alg,
-    type: "application/vp-ld+jwt",
+    type: "application/vp+jwt",
   })
   .issue({
     signer: issuerSigner,
@@ -283,13 +283,13 @@ const presentation = await transmute
       // this part is built from disclosures without key binding below.
       // "verifiableCredential": [{
       //   "@context": "https://www.w3.org/ns/credentials/v2",
-      //   "id": "data:application/vc-ld+sd-jwt;QzVjV...RMjU",
+      //   "id": "data:application/vc+sd-jwt;QzVjV...RMjU",
       //   "type": "EnvelopedVerifiableCredential"
       // }]
     },
     disclosures: [
       {
-        type: `application/vc-ld+jwt`,
+        type: `application/vc+jwt`,
         credential: issued,
       },
     ],
@@ -305,7 +305,7 @@ const validation = await transmute
       resolve: async ({ type, content }) => {
         // Resolve external resources according to verifier policy
         // In this case, we return inline exampes...
-        if (content != undefined && type === `application/vp-ld+jwt`) {
+        if (content != undefined && type === `application/vp+jwt`) {
           const { kid } = jose.decodeProtectedHeader(
             transmute.text.decoder.decode(content)
           );
@@ -322,7 +322,7 @@ const validation = await transmute
     },
   })
   .validate<transmute.TraceablePresentationValidationResult>({
-    type: `application/vp-ld+jwt`,
+    type: `application/vp+jwt`,
     content: presentation,
   });
 // {
@@ -338,7 +338,7 @@ const validation = await transmute
 //     "verifiableCredential": [
 //       {
 //         "@context": "https://www.w3.org/ns/credentials/v2",
-//         "id": "data:application/vc-ld+jwt;eyJraWQiOiJkaWQ6ZX...
+//         "id": "data:application/vc+jwt;eyJraWQiOiJkaWQ6ZX...
 ```
 
 ## Develop

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@transmute/verifiable-credentials",
-  "version": "0.3.3",
+  "version": "0.3.4",
   "description": "An opinionated typescript library for w3c verifiable credentials.",
   "main": "./dist/index.js",
   "typings": "dist/index.d.ts",

src/credential/issuer.ts

@@ -41,8 +41,8 @@ const sdJwtCredentialIssuer = (issuer: RequestCredentialIssuer) => {
       const sdJwsDigester = await sd.digester()
       const sdIssuer = await sd.issuer({
         alg: issuer.alg,
-        typ: 'application/vc-ld+sd-jwt',
-        cty: 'application/vc-ld',
+        typ: 'application/vc+sd-jwt',
+        cty: 'application/vc',
         salter: sdJwsSalter,
         digester: sdJwsDigester,
         signer: {
@@ -62,11 +62,11 @@ const sdJwtCredentialIssuer = (issuer: RequestCredentialIssuer) => {
 }
 
 export const issuer = (issuer: RequestCredentialIssuer) => {
-  if (issuer.type === 'application/vc-ld+jwt') {
+  if (issuer.type === 'application/vc+jwt') {
     return jwtCredentialIssuer(issuer)
-  } else if (issuer.type === 'application/vc-ld+sd-jwt') {
+  } else if (issuer.type === 'application/vc+sd-jwt') {
     return sdJwtCredentialIssuer(issuer)
-  } else if (issuer.type === 'application/vc-ld+cose') {
+  } else if (issuer.type === 'application/vc+cose') {
     return coseSign1CredentialIssuer(issuer)
   }
 

src/presentation/holder.ts

@@ -87,7 +87,7 @@ const sdJwtPresentationIssuer = (holder: RequestPresentationHolder) => {
 
         vp.verifiableCredential.push({
           "@context": "https://www.w3.org/ns/credentials/v2",
-          id: `data:application/vc-ld+sd-jwt;${sdJwtFnard}`, // great job everyone.
+          id: `data:application/vc+sd-jwt;${sdJwtFnard}`, // great job everyone.
           type: "EnvelopedVerifiableCredential",
         });
       }
@@ -163,13 +163,13 @@ const unsecuredPresentationOfSecuredCredentials = (
 };
 
 export const holder = (holder: RequestPresentationHolder) => {
-  if (holder.type === "application/vp-ld+jwt") {
+  if (holder.type === "application/vp+jwt") {
     return jwtPresentationIssuer(holder);
-  } else if (holder.type === "application/vp-ld+sd-jwt") {
+  } else if (holder.type === "application/vp+sd-jwt") {
     return sdJwtPresentationIssuer(holder);
-  } else if (holder.type === "application/vp-ld+cose") {
+  } else if (holder.type === "application/vp+cose") {
     return coseSign1PresentationIssuer(holder);
-  } else if (holder.type === "application/vp-ld") {
+  } else if (holder.type === "application/vp") {
     return unsecuredPresentationOfSecuredCredentials(holder);
   }
   throw new Error("presentation type is not supported.");

src/status-list/StatusList/Bitstring.ts

@@ -109,9 +109,21 @@ export class Bitstring {
     assert.isNumber(position, 'position')
     const { length, leftToRightIndexing } = this
     const { index, bit } = _parsePosition(position, length, leftToRightIndexing)
-    return !!(this.bits[index] & bit)
+    const actualBitSet = this.bits[index] & bit % 8
+    // Let bitstring be a list of bits with a minimum size of 16KB, where each bit is initialized to 0 (zero).
+    // ....
+    // When a single bit specifies a status, such as "revoked" or "suspended", 
+    // then that status is expected to be true when the bit is set (1) and false when unset (0).
+    if (actualBitSet === 1) {
+      return true
+    }
+    if (actualBitSet === 0) {
+      return false
+    }
+    throw new Error('Invalid bit')
   }
 
+
   async encodeBits() {
     return base64url.encode(gzip(this.bits))
   }
@@ -146,6 +158,9 @@ function _parsePosition(
   const index = Math.floor(position / 8)
   const rem = position % 8
   const shift = leftToRightIndexing ? 7 - rem : rem
-  const bit = 1 << shift
+
+  // When a single bit specifies a status, such as "revoked" or "suspended", 
+  // then that status is expected to be true when the bit is set (1) and false when unset (0).
+  const bit = (1 << shift)
   return { index, bit }
 }

src/types.ts

@@ -7,8 +7,8 @@ export type SupportedSignatureAlgorithms = 'ES256' | 'ES384' | 'ES512'
 
 export type SupportedKeyFormats = 'application/jwk+json' | 'application/cose-key' | 'application/pkcs8'
 
-export type VcContentType = `application/vc-ld`
-export type VpContentType = `application/vp-ld`
+export type VcContentType = `application/vc`
+export type VpContentType = `application/vp`
 
 export type Jwt = `${string}.${string}.${string}`
 export type SdJwt = `${Jwt}${string}~${string}`

src/validator/w3c.ts

@@ -6,7 +6,7 @@ const identifierAlias = [
   '/issuer'
 ]
 
-const allowedProtocols = ['https']
+const allowedProtocols = ['https', 'data']
 
 const isPointerToIdentifier = (pointer: string) => {
   return pointer.endsWith('/id') || identifierAlias.includes(pointer)

src/verifier/verifier.ts

@@ -128,22 +128,22 @@ export const verifier = ({ resolver }: RequestVerifier) => {
   return {
     verify: async <T = VerifiableCredential | VerifiablePresentation>({ type, content, audience, nonce }: RequestVerify): Promise<T> => {
       switch (type) {
-        case 'application/vc-ld+cose':
-        case 'application/vp-ld+cose': {
+        case 'application/vc+cose':
+        case 'application/vp+cose': {
           return verifyCoseSign1({ resolver }, { type, content, audience, nonce }) as T
         }
-        case 'application/vc-ld+jwt':
-        case 'application/vp-ld+jwt':
+        case 'application/vc+jwt':
+        case 'application/vp+jwt':
         case 'application/kb+jwt': {
           return verifyJwt({ resolver }, { type, content, audience, nonce }) as T
         }
-        case 'application/vc-ld+sd-jwt': {
+        case 'application/vc+sd-jwt': {
           return verifySdJwtCredential({ resolver }, { type, content, audience, nonce }) as T
         }
-        case 'application/vp-ld+sd-jwt': {
+        case 'application/vp+sd-jwt': {
           return verifySdJwtPresentation({ resolver }, { type, content, audience, nonce }) as T
         }
-        case 'application/vp-ld': {
+        case 'application/vp': {
           return verifyUnsecuredPresentation({ resolver }, { type, content, audience, nonce }) as T
         }
         default: {

test/__fixtures__/claimset_1.yml

@@ -8,5 +8,5 @@ holder:
   id: "https://university.example/issuers/565049"
 verifiableCredential:
   - "@context": "https://www.w3.org/ns/credentials/v2"
-    id: "data:application/vc-ld+sd-jwt;QzVjV...RMjU"
+    id: "data:application/vc+sd-jwt;QzVjV...RMjU"
     type: EnvelopedVerifiableCredential

test/__fixtures__/index.ts

@@ -88,7 +88,7 @@ export const text = (claims: string) => {
 };
 
 export const review = async (claimset: Uint8Array) => {
-  const type = "application/vc-ld+jwt";
+  const type = "application/vc+jwt";
   return validator({
     resolver,
   })

test/json-schema/better-schema-errors.test.ts

@@ -21,7 +21,7 @@ it("validate twice without error", async () => {
   const issued = await transmute
     .issuer({
       alg,
-      type: "application/vc-ld+jwt",
+      type: "application/vc+jwt",
       signer: {
         sign: async (bytes: Uint8Array) => {
           const jws = await new jose.CompactSign(bytes)
@@ -97,7 +97,7 @@ credentialSubject:
           };
         }
 
-        if (content != undefined && type === `application/vc-ld+jwt`) {
+        if (content != undefined && type === `application/vc+jwt`) {
           const { kid } = jose.decodeProtectedHeader(
             transmute.text.decoder.decode(content)
           );
@@ -114,7 +114,7 @@ credentialSubject:
     },
   });
   const validation1 = await validator.validate({
-    type: "application/vc-ld+jwt",
+    type: "application/vc+jwt",
     content: issued,
   });
   expect(validation1.verified).toBe(true);

test/json-schema/json-schema-tests.test.ts

@@ -29,7 +29,7 @@ describe("json schema tests", () => {
     const issued = await transmute
       .issuer({
         alg,
-        type: "application/vc-ld+jwt",
+        type: "application/vc+jwt",
         signer: {
           sign: async (bytes: Uint8Array) => {
             const jws = await new jose.CompactSign(bytes)
@@ -114,11 +114,11 @@ credentialSubject:
           }
           if (id === `${baseURL}/credentials/status/3`) {
             return {
-              type: `application/vc-ld+jwt`,
+              type: `application/vc+jwt`,
               content: await transmute
                 .issuer({
                   alg: "ES384",
-                  type: "application/vc-ld+jwt",
+                  type: "application/vc+jwt",
                   signer: {
                     sign: async (bytes: Uint8Array) => {
                       const jws = await new jose.CompactSign(bytes)
@@ -160,11 +160,11 @@ credentialSubject:
           }
           if (id === `${baseURL}/credentials/status/4`) {
             return {
-              type: `application/vc-ld+jwt`,
+              type: `application/vc+jwt`,
               content: await transmute
                 .issuer({
                   alg: "ES384",
-                  type: "application/vc-ld+jwt",
+                  type: "application/vc+jwt",
                   signer: {
                     sign: async (bytes: Uint8Array) => {
                       const jws = await new jose.CompactSign(bytes)
@@ -204,7 +204,7 @@ credentialSubject:
                 }),
             };
           }
-          if (content != undefined && type === `application/vc-ld+jwt`) {
+          if (content != undefined && type === `application/vc+jwt`) {
             const { kid } = jose.decodeProtectedHeader(
               transmute.text.decoder.decode(content)
             );
@@ -222,13 +222,13 @@ credentialSubject:
     });
 
     const valid1 = await validator.validate({
-      type: "application/vc-ld+jwt",
+      type: "application/vc+jwt",
       content: issued,
     });
     expect(valid1.verified).toBe(true);
 
     const valid2 = await validator.validate({
-      type: "application/vc-ld+jwt",
+      type: "application/vc+jwt",
       content: issued,
     });
     expect(valid2.verified).toBe(true);