Sphereon-Opensource / pex-openapi

Decentralized Identity Foundation : Presentation Exchange : API
Apache License 2.0

feat: add support for vc+sd-jwt format #30

Closed TimoGlastra closed 9 months ago

TimoGlastra commented 10 months ago

This adds support for the vc+sd-jwt format as described in HAIP. It's a bit weird, as the spec describes that the object must be empty: https://vcstuff.github.io/oid4vc-haip-sd-jwt-vc/draft-oid4vc-haip-sd-jwt-vc.html#name-presentation-definition

The actual alg values supported etc. are defined in the client metadata, and not in the PD. This works ok when using this format with HAIP, but if you use e.g. DIDComm with PEX it would be nice to also have these values here. I think once the formats are registered in the DIF registry, it may get some properties defined for the format: https://github.com/vcstuff/oid4vc-haip-sd-jwt-vc/issues/63

@nklomp do you agree with it being an empty object for now, or should we also allow the client metadata values (sd-jwt_alg_values and kb-jwt_alg_values) in the PD?

TimoGlastra commented 9 months ago

@nklomp would you be able to take a quick look at this PR and release a new version? It's a dependency for the upstream work in PEX, so then all remaining work is to be done in ssi-types + PEX

nklomp commented 9 months ago

I would for sure add the metadata values as optional. To me it seems the HAIP profile does suggest them to be present, if you look at the texts talking about it. I think they simply haven't updated the example.

If we make them optional then we can have implementers choose where they want to put it.

TimoGlastra commented 9 months ago

@nklomp the fields are only described in the verifier metadata (see https://vcstuff.github.io/oid4vc-haip-sd-jwt-vc/draft-oid4vc-haip-sd-jwt-vc.html#name-verifier-metadata).

However, the section on presentation definition specifically mentions the object is empty:

> The presentation of a SD-JWT VC is requested by adding an object named vc+sd-jwt to the format object of an input_descriptor. The object is empty.

See https://vcstuff.github.io/oid4vc-haip-sd-jwt-vc/draft-oid4vc-haip-sd-jwt-vc.html#name-presentation-definition

So maybe that needs to be changed in HAIP, but they're not defined for the PEX formats.

TimoGlastra commented 9 months ago

I'll add them as optional for now, as otherwise you can't really convey this metadata in PEX without using OpenID4VC

This is not a concern of HAIP though, so I'm not sure if they're open to changing this.

TimoGlastra commented 9 months ago

Updated the PR to include the properties as optional
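
The two shapes discussed in this thread, as an added example (not code from this PR or from pex-openapi): a check that accepts the HAIP-style empty `vc+sd-jwt` object and, outside strict mode, the optional `sd-jwt_alg_values` and `kb-jwt_alg_values` properties. The function name, the `haipStrict` switch, modelling the values as arrays of algorithm names, the rejection of `none` and the sample objects are assumptions.

```javascript
// Added example: validate the `vc+sd-jwt` entry of an input descriptor's `format`.
// Property names come from the thread; everything else here is hypothetical.
const ALG_KEYS = ['sd-jwt_alg_values', 'kb-jwt_alg_values'];

const isPlainObject = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);

// Returns a list of error strings; an empty list means the entry is acceptable.
function validateSdJwtFormat(format, { haipStrict = false } = {}) {
  if (!isPlainObject(format)) return ['format must be an object'];
  if (!Object.prototype.hasOwnProperty.call(format, 'vc+sd-jwt')) {
    return ['format has no vc+sd-jwt entry'];
  }
  const entry = format['vc+sd-jwt'];
  if (!isPlainObject(entry)) return ['vc+sd-jwt must be an object'];

  const errors = [];
  for (const key of Object.keys(entry)) {
    if (haipStrict) {
      // HAIP presentation definition text: "The object is empty."
      errors.push(`HAIP requires an empty object, found "${key}"`);
      continue;
    }
    if (!ALG_KEYS.includes(key)) {
      errors.push(`unknown property "${key}"`);
      continue;
    }
    const algs = entry[key];
    const wellFormed = Array.isArray(algs) && algs.length > 0 &&
      algs.every((a) => typeof a === 'string' && a.length > 0);
    if (!wellFormed) {
      errors.push(`"${key}" must be a non-empty array of algorithm names`);
    } else if (algs.some((a) => a.toLowerCase() === 'none')) {
      // Extra hardening, not from the thread: never advertise unsecured JWTs.
      errors.push(`"${key}" must not allow the unsecured "none" algorithm`);
    }
  }
  return errors;
}

// Constructed sample inputs.
const haipFormat = { 'vc+sd-jwt': {} };
const extendedFormat = {
  'vc+sd-jwt': { 'sd-jwt_alg_values': ['ES256'], 'kb-jwt_alg_values': ['ES256'] },
};
console.log(validateSdJwtFormat(haipFormat, { haipStrict: true }));     // []
console.log(validateSdJwtFormat(extendedFormat));                       // []
console.log(validateSdJwtFormat(extendedFormat, { haipStrict: true })); // two errors
```
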