@jchartrand/sign-and-verify-base v0.0.1
sign-and-verify-core
Signing and verification of Verifiable Credentials and Verifiable Presentations using a provided unlocked DID Document.
Usage
Install the npm package:
npm i sign-and-verify-core
OR
yarn add sign-and-verify-core
create an issuer:
import getDefaultIssuer from sign-and-verify-core;
const { sign, requestDemoCredential, verify, signPresentation, createAndSignPresentation, verifyPresentation } = getDefaultIssuer(unlockedDIDDocument)
const sampleCredential = {
"@context":["https://www.w3.org/2018/credentials/v1","https://www.w3.org/2018/credentials/examples/v1","https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json"],"id":"http://example.gov/credentials/3732","type":["VerifiableCredential","UniversityDegreeCredential"],"issuer":"did:web:digitalcredentials.github.io","issuanceDate":"2020-03-10T04:24:12.164Z","credentialSubject":{"id":"did:example:abcdef","degree":{"type":"BachelorDegree","name":"Bachelor of Science and Arts"}}}'
// sign
const result = sign(sampleCredential, options)
const result = verify(signedCredential)
// signPresentation
Reference: vc-http-api /issue/credentials
Verify Presentation
For verifiers to verify (check the proof) of a Verifiable Presentation (VP).
Current DCC implementations also use this endpoint for a special case of VP verification, to implement a lightweight version of DID auth. The learner's wallet generates a VP proving control over the DID (it's a VP without a VC), and the issuer checks the proof.
Additional implementation details are Overview of Credential Request Flow
General Format
curl --header "Content-Type: application/json" \
--request POST \
--data '{"verifiablePresentation": <Verifiable Presentation> \
"options": <Verification Options>' \
<sign-and-verify-service>/verify/presentations
Example
Request:
curl --header "Content-Type: application/json" \
--request POST \
--data '{"@context":["https://www.w3.org/2018/credentials/v1","https://www.w3.org/2018/credentials/examples/v1","https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json"],"type":["VerifiablePresentation"],"id":"456","holder":"did:web:digitalcredentials.github.io","proof":{"type":"JsonWebSignature2020","created":"2020-11-12T22:00:33.393Z","challenge":"123","jws":"eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..nuQE1vdLcf0YJSI_ojCdOpkQ53Amf4admAfA1eds9ONz9iskp5NBHqoz_YpzyRPxRvj4zblDDAhR524Dn4BtBA","proofPurpose":"authentication","verificationMethod":"did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs"}}' \
http://127.0.0.1:5000/verify/presentations
Reference: vc-http-api /verify/presentations
Generate proof of control
non-standard
This is used by the learner's wallet (as a library) to generate proof of control over a DID. This is a special case of /prove/presentations
(which this also implements), but customizes for this use case.
General Format
curl --header "Content-Type: application/json" \
--request POST \
--data '<PROOF OPTIONS>' \
<sign-and-verify-service>/generate/controlproof
PROOF_OPTIONS look like this:
{
"presentationId": "<optional; provided by the wallet>",
"holder": "<did proving control over>",
"verificationMethod": "did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs",
"challenge": "<challenge provided by issuer and passed through from wallet; should match>"
}
--data '{"presentationId": "456", "holder": "did:web:digitalcredentials.github.io", "verificationMethod": "did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs", "challenge": "123"}' http://127.0.0.1:5000/generate/controlproof
Response:
{
"@context": [
"https://www.w3.org/2018/credentials/v1",
"https://www.w3.org/2018/credentials/examples/v1",
"https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json"
],
"type": [
"VerifiablePresentation"
],
"id": "456",
"holder": "did:web:digitalcredentials.github.io",
"proof": {
"type": "JsonWebSignature2020",
"created": "2020-11-12T22:00:33.393Z",
"challenge": "123",
"jws": "eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..nuQE1vdLcf0YJSI_ojCdOpkQ53Amf4admAfA1eds9ONz9iskp5NBHqoz_YpzyRPxRvj4zblDDAhR524Dn4BtBA",
"proofPurpose": "authentication",
"verificationMethod": "did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs"
}
}
Verify Credential
--data '{"verifiableCredential": \ "options": ' \ /verify/credentials
{"@context":["https://www.w3.org/2018/credentials/v1","https://www.w3.org/2018/credentials/examples/v1","https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json"],"id":"http://example.gov/credentials/3732","type":["VerifiableCredential","UniversityDegreeCredential"],"issuer":"did:web:digitalcredentials.github.io","issuanceDate":"2020-03-10T04:24:12.164Z","credentialSubject":{"id":"did:example:abcdef","degree":{"type":"BachelorDegree","name":"Bachelor of Science and Arts"}},"proof":{"type":"JsonWebSignature2020","created":"2020-11-12T23:56:27.928Z","jws":"eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..2DppQ4Euf9PUX6NrFPyJwHKPmeAqNWAC6UH8kiFNbsoiinebPpwdortHe-bLzDOQ_W7MQD5nqOnNN8JIVGarAA","proofPurpose":"assertionMethod","verificationMethod":"did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs"}}
Request a Demo Credential
With proof of control of DID. <REQUEST_PAYLOAD>
is a Verifiable Presentation proving control of the did. See details below.
Example
curl --header "Content-Type: application/json" \
--request POST \
--data <REQUEST_PAYLOAD> \
http://127.0.0.1:5000/request/democredential
Without proof of control of DID
Example
curl --header "Content-Type: application/json" \
--request POST \
--data '{"holder": "did:example:me"}' \
http://127.0.0.1:5000/request/democredential/nodidproof
Verifiable Presentation (formatted):
Formatted for clarity and security-context normalized. This payload is passed through from subject (REQUEST_PAYLOAD
):
{
"@context": [
"https://www.w3.org/2018/credentials/v1",
"https://www.w3.org/2018/credentials/examples/v1",
"https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json"
],
"type": [
"VerifiablePresentation"
],
"id": "456",
"holder": "did:web:digitalcredentials.github.io",
"proof": {
"type": "JsonWebSignature2020",
"created": "2020-11-12T22:00:33.393Z",
"challenge": "123",
"jws": "eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..nuQE1vdLcf0YJSI_ojCdOpkQ53Amf4admAfA1eds9ONz9iskp5NBHqoz_YpzyRPxRvj4zblDDAhR524Dn4BtBA",
"proofPurpose": "authentication",
"verificationMethod": "did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs"
}
}
Options (formatted):
Formatted for clarity.
{
"verificationMethod": "did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs",
"challenge": "123"
}
References
This assumes familiarity with the basics of the W3C Verifiable Credentials Data Model. Two key concepts are:
Development
To make changes to the package:
Install
npm run install
Build
npm run build
Test
npm run test
Publish to NPM
npm ????
npm publish
3 years ago