vc-test-suite

Correct JWK for decoding JWTs tests

Open kdimak opened this issue 5 years ago • 9 comments

What is the correct JWK for the tests that decode a JWS into the credentials data model (--jwt-decode parameter), example-016-jwt.jwt? It's RS256, but the one defined in config.json.example is not valid:

      "rs256PrivateKeyJwk":{
         "kty":"RSA",
         "n":"0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw",
         "e":"AQAB",
         "d":"X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9M7dx5oo7GURknchnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSawm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66jT8bgkuqsk0GjskDJk19Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q",
         "p":"83i-7IvMGXoMXCskv73TKr8637FiO7Z27zv8oj6pbWUQyLPQBQxtPVnwD20R-60eTDmD2ujnMt5PoqMrm8RfmNhVWDtjjMmCMjOpSXicFHj7XOuVIYQyqVWlWEh6dN36GVZYk93N8Bc9vY41xy8B9RzzOGVQzXvNEvn7O0nVbfs",
         "q":"3dfOR9cuYq-0S-mkFLzgItgMEfFzB2q3hWehMuG0oCuqnb3vobLyumqjVZQO1dIrdwgTnCdpYzBcOfW5r370AFXjiWft_NGEiovonizhKpo9VVS78TzFgxkIdrecRezsZ-1kYd_s1qDbxtkDEgfAITAG9LUnADun4vIcb6yelxk",
         "dp":"G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oimYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0",
         "dq":"s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk",
         "qi":"GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU",
         "alg":"RS256",
         "kid":"did:example:0xab#verikey-1"
      }

kdimak, Nov 18 '19 16:11

@peacekeeper @awoie Do you know which key was used to sign example-016-jwt.jwt?

troyronda, Dec 17 '19 00:12

@troyronda @kdimak the tests don't assume that the generator verifies the JWT, so you won't need the public key. The output should be a credential without a proof property. This is a data model test suite and the group agreed to not test the cryptographic proofs themselves.

awoie, Dec 18 '19 18:12

@awoie The JWT structure contains a normal JWS signature - is this JWS signature also not being validated in the test case?

troyronda, Dec 18 '19 18:12

@troyronda Exactly, the JWS is not validated.

awoie, Dec 18 '19 18:12

@troyronda However, the JWT must be a valid JWT (JWS in compact serialization) by following the <header>.<payload>.<signature> convention.

awoie, Dec 18 '19 18:12

@kdimak @troyronda Can we close this issue?

awoie, Dec 18 '19 21:12

@awoie makes sense to me, thank you.

kdimak, Dec 19 '19 14:12

@awoie unfortunately, the VC inside the JWS (example-016-jwt.jwt) is buggy:

    {
      "@context": [
        "https://w3.org/2018/credentials/v1",
        "https://example.com/examples/v1"
      ],
      "credentialSubject": {
        "degree": {
          "name": "Bachelor of Science in Mechanical Engineering",
          "type": "BachelorDegree"
        }
      },
      "expirationDate": "2019-11-06T08:42:03Z",
      "id": "http://example.edu/credentials/3732",
      "issuanceDate": "2018-11-06T08:42:04Z",
      "issuer": "did:example:abfe13f712120431c276e12ecab",
      "type": [
        "VerifiableCredential",
        "UniversityDegreeCredential"
      ]
    }

as the first context must be https://www.w3.org/2018/credentials/v1 (https://w3c.github.io/vc-data-model/#contexts). And here www is missing (currently the context is https://w3.org/2018/credentials/v1).

Can we apply https://github.com/w3c/vc-test-suite/pull/102 where the @context has correct values?

kdimak, Dec 20 '19 22:12

@awoie filed a separate issue (#103); we can close the current issue.

kdimak, Dec 20 '19 22:12
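The decode step discussed in this thread, as an added example that is not part of the original issue or of the test suite's code: it accepts a compact JWS structurally without verifying the signature, returns the credential without a proof property, and reports whether the first @context is the required value. The function names and the sample token are constructed for illustration; the mapping of iss, jti, nbf and exp onto credential properties follows the JWT encoding rules of the VC Data Model.

```javascript
const VC_CONTEXT_V1 = 'https://www.w3.org/2018/credentials/v1';
const B64URL = /^[A-Za-z0-9_-]+$/;

// Decode one base64url segment of a compact JWS into a JSON value.
function decodeSegment(seg, name) {
  if (!B64URL.test(seg)) throw new Error(`${name} is not base64url`);
  const b64 = seg.replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Unix seconds -> xsd:dateTime string without milliseconds.
const toDate = (s) => new Date(s * 1000).toISOString().replace(/\.\d{3}Z$/, 'Z');

// Structural decode only: the signature must be present and well-formed,
// but it is not verified, so no key is needed.
function decodeVcJwt(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('expected <header>.<payload>.<signature>');
  const header = decodeSegment(parts[0], 'header');
  const payload = decodeSegment(parts[1], 'payload');
  if (!B64URL.test(parts[2])) throw new Error('signature is not base64url');
  if (!payload.vc) throw new Error('payload has no "vc" claim');
  // Registered claims map back onto credential properties; no proof is emitted.
  const credential = { ...payload.vc };
  if (payload.iss) credential.issuer = payload.iss;
  if (payload.jti) credential.id = payload.jti;
  if (payload.nbf !== undefined) credential.issuanceDate = toDate(payload.nbf);
  if (payload.exp !== undefined) credential.expirationDate = toDate(payload.exp);
  delete credential.proof;
  const contexts = [].concat(credential['@context'] || []);
  return { header, credential, contextOk: contexts[0] === VC_CONTEXT_V1 };
}

// Constructed sample token: dummy signature bytes, values modelled on the thread.
function makeSample(firstContext) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  const payload = {
    iss: 'did:example:abfe13f712120431c276e12ecab',
    jti: 'http://example.edu/credentials/3732',
    nbf: 1541493724, // 2018-11-06T08:42:04Z
    exp: 1573029723, // 2019-11-06T08:42:03Z
    vc: { '@context': [firstContext, 'https://example.com/examples/v1'],
          type: ['VerifiableCredential', 'UniversityDegreeCredential'],
          credentialSubject: { degree: { type: 'BachelorDegree' } } },
  };
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(payload)}.${enc('dummy-signature')}`;
}
```

Because the signature is never checked, output from this kind of decoder is suitable for data-model conformance tests only and says nothing about who issued the credential.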