Verify issuance using trust anchor (CA certificate)

[ydanneg]

Hi.

Current version of the library including samples and tests verifies issuance with known Issuer's self-signed certificate only. The real-world case will be that Issuer's certificate is signed by some trusted CA which is used as trust anchor by holder and verifiers.

CA (Trust Anchor) -> Issuer

SD-JWT-VC says it supports x5c JWT header that can be used to

• verify chain (with known trust anchor)
• verify jwt signature

I think it should be applied to holders and verifiers that don't support JWT VC Issuer Metadata that can be used to retrieve Issuer public keys. Not sure about it. More specification analysis is required here.

It also can be that we don't know the type of a key used to sign issued credential JWT. Example can be that CA certificate is ECDSA and leaf certificate is RSA. Library should detect type algorithm from the header and use leaf certificate from x5c to verify a signature.

PS. I'm not expect in mentioned specification, probably some analysis is required additionally to support different cases.

Specs: https://github.com/openid/oid4vc-haip-sd-jwt-vc/blob/main/openid4vc-high-assurance-interoperability-profile-sd-jwt-vc-1_0.md#issuer-identification-and-key-resolution-to-validate-an-issued-credential-issuer-key-resolution https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-08.html#section-5.1

Code references: https://github.com/eu-digital-identity-wallet/eudi-lib-jvm-sdjwt-kt/blob/main/src/main/kotlin/eu/europa/ec/eudi/sdjwt/SdJwtVerifier.kt#L253 https://github.com/eu-digital-identity-wallet/eudi-lib-jvm-sdjwt-kt/blob/main/src/main/kotlin/eu/europa/ec/eudi/sdjwt/NimbusIntegration.kt#L153

[ydanneg]

I temporarily created a simple custom JwtSignatureVerifier to workaround it.

private class TrustedJwtSignatureVerifier(private val trust: X509CertificateTrust, private val delegate: JwtSignatureVerifier) : JwtSignatureVerifier {
    override fun checkSignature(jwt: String): Claims? {
        val signedJwt = SignedJWT.parse(jwt)
        val x5c = signedJwt.header.x509CertChain
        if (x5c != null) {
            val chain = x5c.map { X509CertUtils.parse(it.decode()) }
            if (!trust.isTrusted(chain)) {
                return null
            }
            val verifier = DefaultJWSVerifierFactory().createJWSVerifier(signedJwt.header, chain[0].publicKey)
            return if (!signedJwt.verify(verifier)) null
            else signedJwt.jwtClaimsSet.asClaims()
        }
        return delegate.checkSignature(jwt)
    }
}

But according to specs dNSName should be validated as well here. And Web-based key resolution also should be supported. I think it would be great to have similar validation as eudi-lib-jvm-siop-openid4vp-kt has in RequestAuthenticator: https://github.com/eu-digital-identity-wallet/eudi-lib-jvm-siop-openid4vp-kt/blob/73b82ca8e46681436ff91d6fc16ca58614bef482/src/main/kotlin/eu/europa/ec/eudi/openid4vp/internal/request/RequestAuthenticator.kt#L102

[babisRoutis]

Dear @ydanneg

Thank you for raising this. So far, the library has been targeting SD-JWT not SD-JWT-VC, although there are some examples for the later.

Your proposal though sounds like a reasonable addition. My only concern is whether SD-JWT-VC support should be added to this library or whether a new library is needed.

In the future besides the signature verification, I expect that support for credential metadata (not issuer metadata) can be added as well.

I will get back to this, shortly

[babisRoutis]

In order to support this feature we need to implement #189

[babisRoutis]

Hi @ydanneg

Some skeleton code has been added to #191 (work in progress) for an SD-JWT-VC - specific verifier. Any comments are welcomed (preferably to the PR)

[dzarras]

Dear @ydanneg,

v0.4.0 of eudi-lib-jvm-sdjwt-kt, with support for verifying the signature of SD-JWT VCs, has been released and has reached Maven Central.

Please let us know of any issues that might arise.

Thanks.