did-exchange implicit request pthid update & invitation key verification #1599
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Shaanjot Gill <[email protected]>
Signed-off-by: Shaanjot Gill <[email protected]>
TimoGlastra
reviewed
Jan 14, 2022
Signed-off-by: Shaanjot Gill <[email protected]>
shaangill025
changed the title
|
Can we get a review of this @TimoGlastra @andrewwhitehead ? Can we merge it? Thanks! |
TimoGlastra
reviewed
Feb 8, 2022
| @@ -740,7 +746,9 @@ async def accept_response( | |||
| raise DIDXManagerError("No DIDDoc attached; cannot connect to public DID") | |||
| async with self.profile.session() as session: | |||
| wallet = session.inject(BaseWallet) | |||
| conn_did_doc = await self.verify_diddoc(wallet, response.did_doc_attach) | |||
| conn_did_doc = await self.verify_diddoc( | |||
| wallet, response.did_doc_attach, conn_rec.invitation_key | |||
There was a problem hiding this comment.
This checks whether the did document is signed with the first verification method (code above in this file assign conn_rec.invitation_key to first verificationMethod). I think this should be signed using an authentication key. Also I'm not sure which key we should check (the RFC is not very clear), but it could be signed with the second (or third) authentication key I guess.
Maybe @andrewwhitehead has some insights on this
There was a problem hiding this comment.
Based upon the clarification received during Aries WG 2022/03/23, updated verify method and now using jws.header.kid to verify signature.
Signed-off-by: Shaanjot Gill <[email protected]>
andrewwhitehead
approved these changes
Apr 7, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Shaanjot Gill [email protected]
resolve #1595
resolve #1594