search

TBD54566975 / web5-kt

Apache License 2.0
7 stars 9 forks source link

Make VC Verify more robust #291

Closed nitro-neal closed 3 months ago

nitro-neal commented 3 months ago

Overview

Added vcJwt checks to verify

Description

 * If any of these steps fail, the function will throw a [IllegalArgumentException] with a message indicating the nature of the failure:
 * - exp MUST represent the expirationDate property, encoded as a UNIX timestamp (NumericDate).
 * - iss MUST represent the issuer property of a verifiable credential or the holder property of a verifiable presentation.
 * - nbf MUST represent issuanceDate, encoded as a UNIX timestamp (NumericDate).
 * - jti MUST represent the id property of the verifiable credential or verifiable presentation.
 * - sub MUST represent the id property contained in the credentialSubject.

How Has This Been Tested?

Added new vector - https://github.com/TBD54566975/web5-spec/pull/146

jiyoontbd commented 3 months ago

@nitro-neal can you link the spec text where we talk about the date fields like exp iat nbf being numeric values? @kirahsapong and i were wondering about whether it should be a date or a long field while working in web5-swift.

nitro-neal commented 3 months ago

here is vcdata model - https://www.w3.org/TR/vc-data-model/#jwt-encoding