feat: sd-jwt support #132
feat: sd-jwt support #132
Conversation
Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Timo Glastra <[email protected]>
|
Also updated this PR to released version of SSI-types, should be ready to merge now |
Codecov ReportAttention:
❗ Your organization needs to install the Codecov GitHub app to enable full functionality. Additional details and impacted files@@ Coverage Diff @@
## develop #132 +/- ##
===========================================
- Coverage 94.70% 94.16% -0.55%
===========================================
Files 63 64 +1
Lines 2247 2364 +117
Branches 488 545 +57
===========================================
+ Hits 2128 2226 +98
- Misses 114 133 +19
Partials 5 5
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Timo Glastra <[email protected]>
|
Hey @nklomp also commented this on Sphereon-Opensource/OID4VC#80, but do you have by any chance some time to merge and release this PR this week? It's beginning to be a blocker on our side for finishing the OID4VCI integration in AFJ |
There was a problem hiding this comment.
2 remarks, for which I will create separate issues.
- The sync and async hasher asymmetry from the user perspective
- The need to type results from CredentialMapper after the introduction.
I will create separate tickets for these, to look at later, to not block the PR for now. We will be doing some refactoring and simplification also for PEX (removing v1 of PEX)
| import { PresentationDefinitionV1VB, PresentationDefinitionV2VB, PresentationSubmissionVB, Validated, ValidationEngine } from './validation'; | ||
|
|
||
| export interface PEXOptions { | ||
| /** | ||
| * Hasher implementation, can be used for tasks such as decoding a compact SD-JWT VC to it's encoded variant. |
There was a problem hiding this comment.
What is the exact reason. I do not immediately see why async and sync could not behave in the same way. When looking up the Hasher implementation a week ago, I noticed they have 2 types/interfaces. One basically being the async version the other the sync version. Is there a specific reason for it? Right now it is just one function, so why not have a type that is either one or the other using an OrPromise<> ?
There was a problem hiding this comment.
I made the difference as otherwise a lot of top-level, now-sync, API methods have to become asynchronous in PEX, which I wanted to be cautious of.
If that's ok with you then i can combine them
What do you mean with this exactly? |
We're still actively using v1. But as the changes are so minimal I think we can use your library with v2 and do some small transformations to map between v1/v2 |
Adds support for creating and evaluating presentations using SD-JWT credentials.
It is dependant on Sphereon-Opensource/SSI-SDK#145 to be merged and released first.The library is able to limit disclosures based on the presentation definition, and will construct the base KB jwt (keybinding jwt) to be added to the SD-JWT in a presentation.
Everything should work as it did before, except that we now have more types in the interfaces. So same as with other libraries, it might be nice to add an abstraction layer here as well (e.g. in the sign options we split it into jwt, json-ld and sd-jwt as the sign options differ quite a lot, and then the user has more insights on what the actual different payloads can be)
I've added SdJwt.spec.ts to test the new SD-JWT releated functionalities.