feat: SDJWT holder key binding #1185

Merged
merged 7 commits into from
Jun 14, 2024

Contributor

@mineme0110 mineme0110 commented Jun 14, 2024

Description:

SDJWT
This feature enables the creation of credentials bound to the holder's key.
Verifiers can now use a challenge and domain to verify the holder's binding to the credential.
If a keyId is provided (an optional field) when the holder accepts the offer, the holder's key will be bound to the credential.
If the keyId is not provided, holder key binding is not supported.
During a verification request, if the domain and challenge are requested, key binding is necessary to support this flow, and the key bound to the credential is used.

Checklist:

  • My PR follows the contribution guidelines of this project
  • My PR is free of third-party dependencies that don't comply with the Allowlist
  • I have commented my code, particularly in hard-to-understand areas
  • [ ] I have made corresponding changes to the documentation
  • [ ] I have added tests that prove my fix is effective or that my feature works
  • [ ] I have checked the PR title to follow the conventional commit specification
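
The verifier-side check that the description above relies on, as an added example (not code from this PR or the Identus code base). It assumes the verifier's challenge and domain are carried as the `nonce` and `aud` claims of the SD-JWT key binding JWT, that the holder key sits in the credential's `cnf.jwk` claim, and that the issuer signature has already been verified; all names and sample values are constructed.

```javascript
// Added example (not Identus code). Assumes the issuer signature and disclosure
// digests were verified beforehand; challenge/domain map to the KB-JWT nonce/aud.
const crypto = require('node:crypto');

const b64u = (x) => Buffer.from(x).toString('base64url');
const parse = (part) => JSON.parse(Buffer.from(part, 'base64url').toString());

// Minimal EdDSA compact JWS signer, used only to build the constructed sample below.
function signJwt(header, payload, privateKey) {
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(payload))}`;
  return `${input}.${crypto.sign(null, Buffer.from(input), privateKey).toString('base64url')}`;
}

// presentation = <issuer-jwt>~<disclosure>~...~<kb-jwt>; an empty last part means no key binding.
function verifyKeyBinding(presentation, { challenge, domain, maxAgeSec = 300 }) {
  const cut = presentation.lastIndexOf('~') + 1;
  const kbJwt = presentation.slice(cut);
  if (!kbJwt) return 'missing key binding';
  const cnf = parse(presentation.split('~')[0].split('.')[1]).cnf;
  if (!cnf || !cnf.jwk) return 'credential not bound to a holder key';
  const [h, p, s] = kbJwt.split('.');
  if (parse(h).typ !== 'kb+jwt') return 'wrong typ';
  // The signature must verify under the key the issuer bound into the credential.
  const key = crypto.createPublicKey({ key: cnf.jwk, format: 'jwk' });
  if (!crypto.verify(null, Buffer.from(`${h}.${p}`), key, Buffer.from(s, 'base64url')))
    return 'bad signature';
  const claims = parse(p);
  if (claims.nonce !== challenge) return 'challenge mismatch';
  if (claims.aud !== domain) return 'domain mismatch';
  if (Math.abs(Date.now() / 1000 - claims.iat) > maxAgeSec) return 'stale';
  // sd_hash ties the proof to exactly this credential and this set of disclosures.
  const sdHash = crypto.createHash('sha256').update(presentation.slice(0, cut)).digest('base64url');
  return claims.sd_hash === sdHash ? 'ok' : 'sd_hash mismatch';
}

// Constructed sample: issuer and holder Ed25519 keys, one opaque disclosure.
const issuer = crypto.generateKeyPairSync('ed25519');
const holder = crypto.generateKeyPairSync('ed25519');
const credential = signJwt({ alg: 'EdDSA' },
  { iss: 'did:example:issuer', cnf: { jwk: holder.publicKey.export({ format: 'jwk' }) } },
  issuer.privateKey);
function present(key, challenge, domain) {
  const prefix = `${credential}~${b64u('["salt","given_name","Alice"]')}~`;
  const sd_hash = crypto.createHash('sha256').update(prefix).digest('base64url');
  return prefix + signJwt({ alg: 'EdDSA', typ: 'kb+jwt' },
    { iat: Math.floor(Date.now() / 1000), aud: domain, nonce: challenge, sd_hash }, key);
}
```

A presentation without the trailing key binding JWT, or one signed by any key other than the one in `cnf`, is rejected before the challenge and domain are compared.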

Contributor

github-actions bot commented Jun 14, 2024

Unit Test Results

 96 files  ±0   96 suites  ±0   22m 22s ⏱️ -34s
825 tests +1  817 ✅ +1  8 💤 ±0  0 ❌ ±0 
832 runs  +1  824 ✅ +1  8 💤 ±0  0 ❌ ±0 

Results for commit 7b44d5d. ± Comparison against base commit 8b91eed.

♻️ This comment has been updated with latest results.

@mineme0110 mineme0110 force-pushed the feat/holder-key-binding branch 2 times, most recently from 32d2a63 to 50c3a3d Compare June 14, 2024 13:55
Signed-off-by: mineme0110 <[email protected]>
@mineme0110 mineme0110 force-pushed the feat/holder-key-binding branch from def6e27 to 7b44d5d Compare June 14, 2024 15:08
Contributor

Integration Test Results

15 files  ±0  15 suites  ±0   2s ⏱️ ±0s
33 tests ±0  33 ✅ ±0  0 💤 ±0  0 ❌ ±0 
46 runs  ±0  46 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 7b44d5d. ± Comparison against base commit 8b91eed.

@mineme0110 mineme0110 merged commit 628f2f0 into main Jun 14, 2024
10 checks passed
@mineme0110 mineme0110 deleted the feat/holder-key-binding branch June 14, 2024 15:26
hyperledger-bot added a commit that referenced this pull request Jul 1, 2024
# [1.37.0-snapshot.test.1](cloud-agent-v1.36.1...cloud-agent-v1.37.0-snapshot.test.1) (2024-07-01)

### Bug Fixes

* avoid name and operationId conflict when creating oas client ([#1233](#1233)) ([73e8e24](73e8e24))
* incorrect parsing of public key coordinates and enable some tests again ([#1215](#1215)) ([5398a75](5398a75))
* KeyID from String to Opaque Type and presentation job cleanup  ([#1190](#1190)) ([b813faf](b813faf))
* make init-script.sh idempotent [#1173](#1173) ([#1194](#1194)) ([1712062](1712062))
* migrate and repair in case of renaming issues ([#1211](#1211)) ([cb4d479](cb4d479))
* Present Error Handling (Part 1: Repo Changes) ([#1172](#1172)) ([13e2447](13e2447))
* Present Error Handling Job ([#1204](#1204)) ([3191d8b](3191d8b))
* present error handling Part 2 ([#1177](#1177)) ([9ac6e52](9ac6e52))
* Verification Policy Error Handling ([#1228](#1228)) ([6117a3c](6117a3c))

### Features

* add oidc4vci protocol MVP ([#1182](#1182)) ([3ae91dc](3ae91dc))
* add schemaId to the issuance session ([#1199](#1199)) ([97f5d83](97f5d83))
* add support for EcdsaSecp256k1Signature2019Proof and fix pk encoding for EddsaJcs2022Proof ([#1127](#1127)) ([e617ded](e617ded))
* **agent:** add browser fingerprint label to http metrics ([#1231](#1231)) ([f090554](f090554))
* ATL 6829 - Integrate ZIO failures and defects ADR in credential status list ([#1175](#1175)) ([dffad1d](dffad1d))
* ATL-6832 ZIO failures and defects in entity controller ([#1203](#1203)) ([9050094](9050094))
* ATL-6833 integrate ZIO failures and defects in wallet event controller ([#1186](#1186)) ([8bc2018](8bc2018))
* ATL-6834 Use ZIO Failures and Defects effectively in the Issue flow ([#1139](#1139)) ([ede7b77](ede7b77))
* Handle Error in Background Jobs - Improve the way we store errors and defects in DB ([#1218](#1218)) ([e3cadc9](e3cadc9))
* implement ADR Use ZIO Failures and Defects Effectively - Mercury should not throw exceptions ([#1192](#1192)) ([a4ce87f](a4ce87f))
* improve OpenAPI's PresentProof to make more consistent ([#1130](#1130)) ([bdc5d20](bdc5d20))
* Integrate ZIO failures and defects ADR in DID Registrar Controller and Mercury ([#1180](#1180)) ([d8e2120](d8e2120))
* SDJWT holder key binding ([#1185](#1185)) ([628f2f0](628f2f0))
* use kid in the jwt proof header of OID4VCI CredentialIssue request ([#1184](#1184)) ([ee53eda](ee53eda))
* use the compact format in SD-JWT ([#1169](#1169)) ([65da651](65da651))

Signed-off-by: Allain Magyar <[email protected]>
patlo-iog pushed a commit that referenced this pull request Jul 1, 2024
Signed-off-by: Pat Losoponkul <[email protected]>

test: remove println

Signed-off-by: Pat Losoponkul <[email protected]>

chore(release): cut Identus Cloud agent 1.37.0-snapshot.test.1 release

Signed-off-by: Allain Magyar <[email protected]>
Signed-off-by: Pat Losoponkul <[email protected]>
hyperledger-bot added a commit that referenced this pull request Jul 1, 2024
# [1.37.0](cloud-agent-v1.36.1...cloud-agent-v1.37.0) (2024-07-01)

### Bug Fixes

* avoid name and operationId conflict when creating oas client ([#1233](#1233)) ([73e8e24](73e8e24))
* incorrect parsing of public key coordinates and enable some tests again ([#1215](#1215)) ([5398a75](5398a75))
* KeyID from String to Opaque Type and presentation job cleanup  ([#1190](#1190)) ([b813faf](b813faf))
* make init-script.sh idempotent [#1173](#1173) ([#1194](#1194)) ([1712062](1712062))
* migrate and repair in case of renaming issues ([#1211](#1211)) ([cb4d479](cb4d479))
* Present Error Handling (Part 1: Repo Changes) ([#1172](#1172)) ([13e2447](13e2447))
* Present Error Handling Job ([#1204](#1204)) ([3191d8b](3191d8b))
* present error handling Part 2 ([#1177](#1177)) ([9ac6e52](9ac6e52))
* Verification Policy Error Handling ([#1228](#1228)) ([6117a3c](6117a3c))

### Features

* add oidc4vci protocol MVP ([#1182](#1182)) ([3ae91dc](3ae91dc))
* add schemaId to the issuance session ([#1199](#1199)) ([97f5d83](97f5d83))
* add support for EcdsaSecp256k1Signature2019Proof and fix pk encoding for EddsaJcs2022Proof ([#1127](#1127)) ([e617ded](e617ded))
* **agent:** add browser fingerprint label to http metrics ([#1231](#1231)) ([f090554](f090554))
* ATL 6829 - Integrate ZIO failures and defects ADR in credential status list ([#1175](#1175)) ([dffad1d](dffad1d))
* ATL-6832 ZIO failures and defects in entity controller ([#1203](#1203)) ([9050094](9050094))
* ATL-6833 integrate ZIO failures and defects in wallet event controller ([#1186](#1186)) ([8bc2018](8bc2018))
* ATL-6834 Use ZIO Failures and Defects effectively in the Issue flow ([#1139](#1139)) ([ede7b77](ede7b77))
* Handle Error in Background Jobs - Improve the way we store errors and defects in DB ([#1218](#1218)) ([e3cadc9](e3cadc9))
* implement ADR Use ZIO Failures and Defects Effectively - Mercury should not throw exceptions ([#1192](#1192)) ([a4ce87f](a4ce87f))
* improve OpenAPI's PresentProof to make more consistent ([#1130](#1130)) ([bdc5d20](bdc5d20))
* Integrate ZIO failures and defects ADR in DID Registrar Controller and Mercury ([#1180](#1180)) ([d8e2120](d8e2120))
* SDJWT holder key binding ([#1185](#1185)) ([628f2f0](628f2f0))
* use kid in the jwt proof header of OID4VCI CredentialIssue request ([#1184](#1184)) ([ee53eda](ee53eda))
* use the compact format in SD-JWT ([#1169](#1169)) ([65da651](65da651))

Signed-off-by: Allain Magyar <[email protected]>