Add JWT and Json schema validation to credential verification process #480

Open
6 tasks done
Oran-Dan opened this issue Feb 7, 2025 · 3 comments
@Oran-Dan
Contributor

Oran-Dan commented Feb 7, 2025

Description

Check whether incoming credentials are valid JWTs and whether they comply with their corresponding JSON schema.

Motivation

Adds security and improves the verification process

Resources

https://crates.io/crates/jsonschema

To-do List

  • Upload OBv3 Json schema to resources folder
  • Add credential format parser function to select respective Json schema
  • Implement Json schema validation: OBv3 via Json schema, VC 1.1 via identity.rs
  • Abstract the JWT validation code from validate_linked_verifiable_presentations
  • Implement JWT validation in send_credential_request
  • Block credential upon failure, throw error
@Oran-Dan Oran-Dan self-assigned this Feb 7, 2025
@Oran-Dan Oran-Dan added Chore Non-functional change, e.g., changing a config. V1 MVP Necessary for the minimal MVP labels Feb 7, 2025
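
One way the format-selection and fail-closed steps of the to-do list above could look, as an added example that is not UniMe's code: it checks that the input is a three-segment base64url JWT and picks a validation path from the `@context` URLs in the payload. `CredentialFormat`, `select_format` and the constructed sample token are assumptions, and no signature is verified here; that stays with `JwtCredentialValidator`.

```rust
// Added example; CredentialFormat, select_format and SAMPLE_VC11 are hypothetical names.
#[derive(Debug, PartialEq)]
pub enum CredentialFormat { Obv3, VcDm11 }

const VC11_CONTEXT: &str = "https://www.w3.org/2018/credentials/v1";
const OBV3_CONTEXT_PREFIX: &str = "https://purl.imsglobal.org/spec/ob/v3p0/context";
// Constructed sample: header {"alg":"EdDSA"}, minimal VC 1.1 payload, placeholder signature.
const SAMPLE_VC11: &str = "eyJhbGciOiJFZERTQSJ9.eyJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdfX0.c2ln";

/// Decode unpadded base64url; None on an invalid character or impossible length.
fn b64url_decode(s: &str) -> Option<Vec<u8>> {
    if s.is_empty() || s.len() % 4 == 1 { return None; }
    let (mut out, mut acc, mut bits) = (Vec::new(), 0u32, 0u32);
    for c in s.bytes() {
        let v = match c {
            b'A'..=b'Z' => c - b'A',
            b'a'..=b'z' => c - b'a' + 26,
            b'0'..=b'9' => c - b'0' + 52,
            b'-' => 62, b'_' => 63,
            _ => return None,
        };
        acc = (acc << 6) | v as u32;
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8);
            acc &= (1 << bits) - 1; // keep only the bits not yet emitted
        }
    }
    Some(out)
}

/// Structural JWT check plus format selection. Any Err means: block the credential.
pub fn select_format(jwt: &str) -> Result<CredentialFormat, String> {
    let decoded: Option<Vec<Vec<u8>>> = jwt.split('.').map(b64url_decode).collect();
    let decoded = decoded.ok_or("a segment is not base64url")?;
    if decoded.len() != 3 { return Err("expected three JWT segments".into()); }
    let payload = std::str::from_utf8(&decoded[1]).map_err(|_| "payload is not UTF-8")?;
    // Assumption: substring match stands in for real JSON parsing to stay dependency-free.
    // OBv3 credentials also carry a W3C VC context, so OBv3 is tested first.
    if payload.contains(OBV3_CONTEXT_PREFIX) { Ok(CredentialFormat::Obv3) }
    else if payload.contains(VC11_CONTEXT) { Ok(CredentialFormat::VcDm11) }
    else { Err("unknown credential format".into()) }
}

fn main() {
    println!("{:?}", select_format(SAMPLE_VC11)); // Ok(VcDm11)
    println!("{:?}", select_format("not-a-jwt")); // Err: blocked
}
```

The returned variant decides which check runs next (OBv3 JSON schema or the VC 1.1 rules); an unrecognised format is rejected rather than passed through unvalidated.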
@nanderstabel
Contributor

Upon receiving credentials in send_credential_request we should make use of identity.rs's JwtCredentialValidator in conjunction with our own Verifier struct.

Note that the JwtCredentialValidator validates the actual JWT as well as the validation rules according to VC DM 1.1. That means that for OBv3, additional validation checks need to be performed through schema validation.

We already use this method of verifying for Linked VPs and Domain Linkage, so we can just use it the same way for incoming credentials.

@nanderstabel
Contributor

We should also make sure that UniMe validates that the Credentials it receives correspond with the Credential Configurations of the Issuer's metadata.

@Oran-Dan
Contributor Author

> We should also make sure that UniMe validates that the Credentials it receives correspond with the Credential Configurations of the Issuer's metadata.

I'll make this into a separate issue.

@Oran-Dan Oran-Dan changed the title Add Json schema validation to credential verification process Add JWT and Json schema validation to credential verification process Feb 22, 2025
Projects
Status: Backlog
Development

No branches or pull requests

2 participants