diff --git a/examples/client_metadata/client_client_id_did.json b/examples/client_metadata/client_client_id_did.json
index c9894b44..b3c03abb 100644
--- a/examples/client_metadata/client_client_id_did.json
+++ b/examples/client_metadata/client_client_id_did.json
@@ -4,15 +4,18 @@
 "response_type": "vp_token id_token",
 "client_metadata": {
 "vp_formats": {
- "jwt_vp_json": {
+ "jose_vp": {
 "alg": [
 "EdDSA",
 "ES256K"
 ]
 },
- "ldp_vp": {
+ "di_vp": {
 "proof_type": [
- "Ed25519Signature2018"
+ "DataIntegrityProof"
+ ],
+ "cryptosuite": [
+ "ecdsa-sd-2023"
 ]
 }
 },
diff --git a/examples/client_metadata/client_code_format.json b/examples/client_metadata/client_code_format.json
index 50d77cac..10591639 100644
--- a/examples/client_metadata/client_code_format.json
+++ b/examples/client_metadata/client_code_format.json
@@ -5,15 +5,18 @@
 "response_type": "code",
 "grant_type": "authorization_code",
 "vp_formats": {
- "jwt_vp_json": {
+ "jose_vp": {
 "alg": [
 "EdDSA",
 "ES256K"
 ]
 },
- "ldp_vp": {
+ "di_vp": {
 "proof_type": [
- "Ed25519Signature2018"
+ "DataIntegrityProof"
+ ],
+ "cryptosuite": [
+ "ecdsa-sd-2023"
 ]
 },
 "client_name": "My Example",
diff --git a/examples/credentials/ldp_vc.json b/examples/credentials/dip_vc.json
similarity index 51%
rename from examples/credentials/ldp_vc.json
rename to examples/credentials/dip_vc.json
index a49e01cc..07c495a7 100644
--- a/examples/credentials/ldp_vc.json
+++ b/examples/credentials/dip_vc.json
@@ -1,7 +1,7 @@
 {
 "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
+ "https://www.w3.org/ns/credentials/v2",
+ "https://www.w3.org/ns/credentials/examples/v2"
 ],
 "id": "https://example.com/credentials/1872",
 "type": [
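Review bot: The `di_vp` entry in client_client_id_did.json, and again in client_code_format.json, advertises `"cryptosuite": ["ecdsa-sd-2023"]`, while request_object_client_id_did.json and every presentation definition in this commit use `eddsa-rdfc-2022`; if the difference is not deliberate, the two client metadata examples should name the same suite as the rest. Because `proof_type` is now always `DataIntegrityProof`, the algorithm restriction lives entirely in `cryptosuite`, so the text accompanying these examples should say that a verifier has to match the `cryptosuite` value and not only `proof_type`. The enclosing objects start and end outside both hunks.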
@@ -9,9 +9,10 @@
 "IDCredential"
 ],
 "issuer": {
- "id": "did:example:issuer"
+ "id": "https://issuer.example/issuers/14",
+ "name": "Example Issuer"
 },
- "issuanceDate": "2010-01-01T19:23:24Z",
+ "validFrom": "2010-01-01T19:23:24Z",
 "credentialSubject": {
 "given_name": "Max",
 "family_name": "Mustermann",
@@ -24,10 +25,11 @@
 }
 },
 "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-03-19T15:30:15Z",
- "jws": "eyJhb...JQdBw",
+ "type": "DataIntegrityProof",
+ "cryptosuite": "eddsa-rdfc-2022",
+ "created": "2021-11-13T18:19:39Z",
+ "verificationMethod": "https://issuer.example/issuers/14#key-1",
 "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:issuer#keys-1"
+ "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz"
 }
 }
\ No newline at end of file
diff --git a/examples/credentials/jose_vc.json b/examples/credentials/jose_vc.json
new file mode 100644
index 00000000..ec6de715
--- /dev/null
+++ b/examples/credentials/jose_vc.json
@@ -0,0 +1,25 @@
+{
+ "id": "http://example.gov/credentials/3732",
+ "@context": [
+ "https://www.w3.org/ns/credentials/v2",
+ "https://www.w3.org/ns/credentials/examples/v2"
+ ],
+ "type": [
+ "VerifiableCredential",
+ "IDCredential"
+ ],
+ "issuer": "https://example.gov/issuers/565049",
+ "validFrom": "2010-01-01T19:23:24Z",
+ "credentialSubject": {
+ "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
+ "given_name": "Max",
+ "family_name": "Mustermann",
+ "birthdate": "1998-01-11",
+ "address": {
+ "street_address": "Sandanger 25",
+ "locality": "Musterstadt",
+ "postal_code": "123456",
+ "country": "DE"
+ }
+ }
+}
\ No newline at end of file
diff --git a/examples/credentials/jwt_vc.json b/examples/credentials/jwt_vc.json
deleted file mode 100644
index cbe7749f..00000000
--- a/examples/credentials/jwt_vc.json
+++ /dev/null
@@ -1,27 +0,0 @@
-{
- "iss": "https://example.gov/issuers/565049",
- "nbf": 1262304000,
- "jti": "http://example.gov/credentials/3732",
- "sub": "did:example:ebfeb1f712ebc6f1c276e12ec21",
- "vc": {
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "VerifiableCredential",
- "IDCredential"
- ],
- "credentialSubject": {
- "given_name": "Max",
- "family_name": "Mustermann",
- "birthdate": "1998-01-11",
- "address": {
- "street_address": "Sandanger 25",
- "locality": "Musterstadt",
- "postal_code": "123456",
- "country": "DE"
- }
- }
- }
-}
\ No newline at end of file
diff --git a/examples/request/pd_jwt_vc.json b/examples/request/pd_dip_vc.json
similarity index 71%
rename from examples/request/pd_jwt_vc.json
rename to examples/request/pd_dip_vc.json
index a8e23c0e..4cb9a8f6 100644
--- a/examples/request/pd_jwt_vc.json
+++ b/examples/request/pd_dip_vc.json
@@ -1,12 +1,15 @@
 {
- "id": "example_jwt_vc",
+ "id": "example_di_vc",
 "input_descriptors": [
 {
 "id": "id_credential",
 "format": {
- "jwt_vc_json": {
+ "di_vc": {
 "proof_type": [
- "JsonWebSignature2020"
+ "DataIntegrityProof"
+ ],
+ "cryptosuite": [
+ "eddsa-rdfc-2022"
 ]
 }
 },
@@ -14,7 +17,7 @@
 "fields": [
 {
 "path": [
- "$.vc.type"
+ "$.type"
 ],
 "filter": {
 "type": "array",
diff --git a/examples/request/pd_ldp_vc.json b/examples/request/pd_jose_vc.json
similarity index 75%
rename from examples/request/pd_ldp_vc.json
rename to examples/request/pd_jose_vc.json
index 96c22a81..26b8f0d0 100644
--- a/examples/request/pd_ldp_vc.json
+++ b/examples/request/pd_jose_vc.json
@@ -1,12 +1,14 @@
 {
- "id": "example_ldp_vc",
+ "id": "example_jose_vc",
 "input_descriptors": [
 {
 "id": "id_credential",
 "format": {
- "ldp_vc": {
- "proof_type": [
- "Ed25519Signature2018"
+ "jose_vc_json": {
+ "alg": [
+ "EdDSA",
+ "ES256K",
+ "ES384"
 ]
 }
 },
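Review bot: The format key added in pd_jose_vc.json is `jose_vc_json`, but vp_token_alternative_credentials.json and the response descriptor maps in this commit (ps_jose_vc.json, jarm_jose_vc_json_body.json) use `jose_vc`. A wallet or verifier that compares format identifiers exactly would not match the `example_jose_vc` submission against this definition, and readers cannot tell which spelling is normative. One identifier should be used in all examples, for instance `"jose_vc": {` here.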
diff --git a/examples/request/request_object_client_id_did.json b/examples/request/request_object_client_id_did.json
index d8096e7e..a8949852 100644
--- a/examples/request/request_object_client_id_did.json
+++ b/examples/request/request_object_client_id_did.json
@@ -6,15 +6,18 @@
 "presentation_definition": "...",
 "client_metadata": {
 "vp_formats": {
- "jwt_vp": {
+ "jose_vp": {
 "alg": [
 "EdDSA",
 "ES256K"
 ]
 },
- "ldp_vp": {
+ "di_vp": {
 "proof_type": [
- "Ed25519Signature2018"
+ "DataIntegrityProof"
+ ],
+ "cryptosuite": [
+ "eddsa-rdfc-2022"
 ]
 }
 }
diff --git a/examples/request/vp_token_alternative_credentials.json b/examples/request/vp_token_alternative_credentials.json
index dd458930..0f115f09 100644
--- a/examples/request/vp_token_alternative_credentials.json
+++ b/examples/request/vp_token_alternative_credentials.json
@@ -15,9 +15,12 @@
 "A"
 ],
 "format": {
- "ldp_vc": {
+ "di_vc": {
 "proof_type": [
- "Ed25519Signature2018"
+ "DataIntegrityProof"
+ ],
+ "cryptosuite": [
+ "eddsa-rdfc-2022"
 ]
 }
 },
@@ -38,7 +41,7 @@
 {
 "id": "passport credential",
 "format": {
- "jwt_vc_json": {
+ "jose_vc": {
 "alg": [
 "RS256"
 ]
@@ -51,7 +54,7 @@
 "fields": [
 {
 "path": [
- "$.vc.type"
+ "$.type"
 ],
 "filter": {
 "type": "string",
diff --git a/examples/request/vp_token_type_and_claims.json b/examples/request/vp_token_type_and_claims.json
index 65d26b13..35505ca4 100644
--- a/examples/request/vp_token_type_and_claims.json
+++ b/examples/request/vp_token_type_and_claims.json
@@ -4,9 +4,12 @@
 {
 "id": "ID card with constraints",
 "format": {
- "ldp_vc": {
+ "di_vc": {
 "proof_type": [
- "Ed25519Signature2018"
+ "DataIntegrityProof"
+ ],
+ "cryptosuite": [
+ "eddsa-rdfc-2022"
 ]
 }
 },
diff --git a/examples/request/vp_token_type_only.json b/examples/request/vp_token_type_only.json
index 11c22314..ebbaf945 100644
--- a/examples/request/vp_token_type_only.json
+++ b/examples/request/vp_token_type_only.json
@@ -4,9 +4,12 @@
 {
 "id": "id card credential",
 "format": {
- "ldp_vc": {
+ "di_vc": {
 "proof_type": [
- "Ed25519Signature2018"
+ "DataIntegrityProof"
+ ],
+ "cryptosuite": [
+ "eddsa-rdfc-2022"
 ]
 }
 },
diff --git a/examples/request/vp_token_type_only_ac_and_ldp.json b/examples/request/vp_token_type_only_ac_and_ldp.json
index 513d4462..42b45d75 100644
--- a/examples/request/vp_token_type_only_ac_and_ldp.json
+++ b/examples/request/vp_token_type_only_ac_and_ldp.json
@@ -9,9 +9,12 @@
 {
 "id": "id card credential",
 "format": {
- "ldp_vc": {
+ "di_vc": {
 "proof_type": [
- "Ed25519Signature2018"
+ "DataIntegrityProof"
+ ],
+ "cryptosuite": [
+ "eddsa-rdfc-2022"
 ]
 }
 },
diff --git a/examples/response/dip_vp.json b/examples/response/dip_vp.json
new file mode 100644
index 00000000..97f90685
--- /dev/null
+++ b/examples/response/dip_vp.json
@@ -0,0 +1,53 @@ +{ + "@context": [ + "https://www.w3.org/ns/credentials/v2", + ], + "type": [ + "VerifiablePresentation" + ], + "verifiableCredential": [ + { + "@context": [ + "https://www.w3.org/ns/credentials/v2", + "https://www.w3.org/ns/credentials/examples/v2", + ], + "id": "https://example.com/credentials/1872", + "type": [ + "VerifiableCredential", + "IDCredential" + ], + "issuer": { + "id": "did:example:issuer", + "name": "Example Issuer" + }, + "validFrom": "2010-01-01T19:23:24Z", + "credentialSubject": { + "given_name": "Max", + "family_name": "Mustermann", + "birthdate": "1998-01-11", + "address": { + "street_address": "Sandanger 25", + "locality": "Musterstadt", + "postal_code": "123456", + "country": "DE" + } + }, + "proof": { + "type": "DataIntegrityProof", + "verificationMethod": "did:web:issuer.utopia.example#zUC75LjjCLGKRxSissX1nAebRDmY4Bv4T6MAbzgaap9Q8rAGf6SEjc2Hf4nH6bUPDwky3GWoYcUjMCcEqRRQfXEiNwfeDwNYLoeqk1J1W2Ye8vCdwv4fSd8AZ1yS6UoNzcsQoPS", + "cryptosuite": "bbs-2023", + "proofPurpose": "assertionMethod", + "proofValue": 
"u2V0DhVkCkLdnshxHtgeHJBBUGPBqcEooPp9ahgqs08RsoqW5EJFmsi70jqf2X368VcmfdJdYcYJwObPIg5dlyaoBm34N9BqcZ4RlTZvgwX79ivGnqLALC0EqKn2wOj5hRO76xUakfLGIcT4mE-G7CxA1FTs8sRCWy5p6FozelBYiZU2YlhUpJ7pBwelZ9wnlcbj4q-KyxAj5GU2iWp7-FxU-E624DmdT-yvCkAGRRrYej6lMwg7jB9uCHypOXXH2dVZ-jpf74YBaE4rMTxPFh60GN4o3S65F1fMsJbEMLdrXa8Vs6ZSlmveUcY1X7oPr1UIxo17ehVTCjOxWunYqrtLi9cVkYOD2s9XMk1oFVWBB3UY29axXQQXlZVfvTIUsfVc667mnlYbF7a-ko_SUfeY2n3s1DOAap5keeNU0v2KVPCbxA2WGz7UJy4xJv2a8olMOWPKjAEUruCx_dsbyicd-9KGwhYoUEO3HoAzmtI6qXVhMbJKxPrhtcp8hOdD9izVS5ed4CxHNaDGPSopF_MBwjxwPcpUufNNNdQwesrbtFJo0-P-1CrX_jSxKFMle2b3t24UbHRbZw7QnX4OG-SSVucem5jpMXTDFZ8PLFCqXX0zncJ_MQ-_u-liE-MwJu3ZemsXBp1JoB2twS0TqDVzSWR7bpFZKI9_07fKUAmQNSV_no9iAgYRLuPrnnsW1gQgCV-nNqzbcCOpzkHdCqro6nPSATq5Od3Einfc683gm5VGWxIldM0aBPytOymNz7PIZ6wkgcMABMe5Vw46B54ftW-TN5YZPDmCJ_kt7Mturn0OeQr9KJCu7S0I-SN14mL9KtGE1XDnIeR-C_YZhSA3vX4923v1l3vNFsKasqy9iEPHKM0hcogABAQCGAAECBAUGhAMJCgtYUnsiY2hhbGxlbmdlIjoiNGd2OFJyaERPdi1OSHByYlZNQlM1IiwiZG9tYWluIjoiaHR0cHM6Ly9wbGF5Z3JvdW5kLmFscGhhLmNoYXBpLmlvIn0" + } + } + ], + "id": "ebc6f1c2", + "holder": "did:example:holder", + "proof": { + "type": "DataIntegrityProof", + "verificationMethod": "did:web:playground.alpha.chapi.io#zUC75LjjCLGKRxSissX1nAebRDmY4Bv4T6MAbzgaap9Q8rAGf6SEjc2Hf4nH6bUPDwky3GWoYcUjMCcEqRRQfXEiNwfeDwNYLoeqk1J1W2Ye8vCdwv4fSd8AZ1yS6UoNzcsQoPS", + "cryptosuite": "bbs-2023", + "proofPurpose": "assertionMethod", + "proofValue": "u2V0ChVhQjYs9O7wUb3KRSMaIRX7jmafVHYDPYBLD4ta85_qmuXTBU_t2Ir7pNujwRE6fERsBUEZRSjJjtI-hqOqDs3VvBvH6gd3o2KeUS2V_zpuphPpYQEkapOeQgRTak9lHKSTqEQqa4j2lyHqekEeGvzPlqcHQGFccGifvLUXtP59jCuGJ86HDA9HL5kDzUT6n4Gi50HlYYIzNqhbjIxlqOuxO2IgIppSTWjQGeer34-PmKnOzKX8m_9DHPhif7TUf5uTV4OQWdhb0SxHnJ-CPu_z9FJ5ACekBQhz6YWS0_CY6j_ibucXzeVfZwLv1W47pjbt-l1Vl5VggSn2xVt69Q0GD9mPKpOhkKV_hyOL7i6haf7bq-gOKAwWDZy9pc3N1ZXJtL2lzc3VhbmNlRGF0ZW8vZXhwaXJhdGlvbkRhdGU" + } +} \ No newline at end of file 
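Review bot: The presentation-level `proof` at the end of this new file has no `challenge` or `domain`, which the deleted ldp_vp.json carried, so nothing in the example binds the presentation to the verifier's nonce and client identifier and a reader could conclude the replay checks are optional; I would restore `"challenge": "n-0S6_WzA2Mj",` and `"domain": "https://client.example.org/cb",`. The same object now uses `"proofPurpose": "assertionMethod"` where the old example had `authentication`, and that switch is repeated for the holder proof in token_response_vp_token_dip_vp.json, vp_token_dip_vp.json and vp_token_dip_vp_with_ps.json; a holder proof should keep `"proofPurpose": "authentication"` unless the change is intended and explained. Both `verificationMethod` values name DIDs (`did:web:issuer.utopia.example`, `did:web:playground.alpha.chapi.io`) that differ from `issuer.id` (`did:example:issuer`) and `holder` (`did:example:holder`), so the example as written could not pass a check that the key belongs to the stated issuer or holder. The `@context` arrays also end with a comma before `]`, which strict JSON parsers reject; the same trailing comma is added in id_token_is_jose_vp.json, vp_token_dip_vp.json and vp_token_dip_vp_with_ps.json.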
diff --git a/examples/response/id_token_is_jose_vp.json b/examples/response/id_token_is_jose_vp.json
new file mode 100644
index 00000000..7652eaf2
--- /dev/null
+++ b/examples/response/id_token_is_jose_vp.json
@@ -0,0 +1,96 @@ +{ + "aud": "https://book.itsourweb.org:3000/ohip", + "auth_time": 1615910535, + "nonce": "960848874", + "@context": [ + "https://www.w3.org/ns/credentials/v2", + ], + "type": [ + "VerifiablePresentation" + ], + "issuer": "https://self-issued.me/v2", + "validFrom": "2010-01-01T19:23:24Z", + "validUntil": "2015-01-01T19:23:24Z", + "holder": "did:key:zUC728ZwioxiqLMp4LKmwkso1G3us1F9Az873MoEdDkni8GCAam5NeKqzVLjiynmtdGeBiJAbYe6BcqU2QmUBQQpiRf4HE9nmRFPqYwbVSNJcs4LEmrnzHLAVwN9iS76PD3W59W", + "verifiableCredential": [ + { + "credentialSubject": { + "givenName": "Marion", + "id": "did:key:zUC728ZwioxiqLMp4LKmwkso1G3us1F9Az873MoEdDkni8GCAam5NeKqzVLjiynmtdGeBiJAbYe6BcqU2QmUBQQpiRf4HE9nmRFPqYwbVSNJcs4LEmrnzHLAVwN9iS76PD3W59W", + "type": [ + "Person", + "PermanentResident" + ] + }, + "validFrom": "2021-09-09T10:21:48.674916400", + "id": "urn:bnid:_:c14n0", + "proof": { + "type": "DataIntegrityProof", + "verificationMethod": "did:web:playground.alpha.chapi.io#zUC75LjjCLGKRxSissX1nAebRDmY4Bv4T6MAbzgaap9Q8rAGf6SEjc2Hf4nH6bUPDwky3GWoYcUjMCcEqRRQfXEiNwfeDwNYLoeqk1J1W2Ye8vCdwv4fSd8AZ1yS6UoNzcsQoPS", + "cryptosuite": "bbs-2023", + "proofPurpose": "assertionMethod", + "proofValue": "u2V0ChVhQjYs9O7wUb3KRSMaIRX7jmafVHYDPYBLD4ta85_qmuXTBU_t2Ir7pNujwRE6fERsBUEZRSjJjtI-hqOqDs3VvBvH6gd3o2KeUS2V_zpuphPpYQEkapOeQgRTak9lHKSTqEQqa4j2lyHqekEeGvzPlqcHQGFccGifvLUXtP59jCuGJ86HDA9HL5kDzUT6n4Gi50HlYYIzNqhbjIxlqOuxO2IgIppSTWjQGeer34-PmKnOzKX8m_9DHPhif7TUf5uTV4OQWdhb0SxHnJ-CPu_z9FJ5ACekBQhz6YWS0_CY6j_ibucXzeVfZwLv1W47pjbt-l1Vl5VggSn2xVt69Q0GD9mPKpOhkKV_hyOL7i6haf7bq-gOKAwWDZy9pc3N1ZXJtL2lzc3VhbmNlRGF0ZW8vZXhwaXJhdGlvbkRhdGU" + }, + "type": [ + "PermanentResidentCard", + "VerifiableCredential" + ], + "@context": [ + "https://www.w3.org/ns/credentials/v2", + "https://w3id.org/citizenship/v3", + ], + "issuer": "did:key:zUC75L3fD1DJhbPaDxPJxnVWJ84JT8cQB45cgeJ1UMcFamZDtkPujCG7fuoQDy6JbsT3kCyx24i1k9NE7PoVwQbzifyH7eu4fsAmxXgArdwJ1wbZ3eKbtpPbLYK8QuuUfafxyoH" + }, + { + "credentialSubject": { 
+ "nextVaccinationDate": "2021-08-16T13:40:12Z", + "dateOfVaccination": "2021-06-23T13:40:12Z", + "id": "did:key:zUC728ZwioxiqLMp4LKmwkso1G3us1F9Az873MoEdDkni8GCAam5NeKqzVLjiynmtdGeBiJAbYe6BcqU2QmUBQQpiRf4HE9nmRFPqYwbVSNJcs4LEmrnzHLAVwN9iS76PD3W59W", + "type": "VaccinationEvent", + "healthProfessional": "883110000015376" + }, + "validFrom": "2021-09-09T10:20:47.334854600", + "id": "urn:bnid:_:c14n0", + "proof": { + "type": "DataIntegrityProof", + "verificationMethod": "did:web:playground.alpha.chapi.io#zUC75LjjCLGKRxSissX1nAebRDmY4Bv4T6MAbzgaap9Q8rAGf6SEjc2Hf4nH6bUPDwky3GWoYcUjMCcEqRRQfXEiNwfeDwNYLoeqk1J1W2Ye8vCdwv4fSd8AZ1yS6UoNzcsQoPS", + "cryptosuite": "bbs-2023", + "proofPurpose": "assertionMethod", + "proofValue": "u2V0ChVhQjYs9O7wUb3KRSMaIRX7jmafVHYDPYBLD4ta85_qmuXTBU_t2Ir7pNujwRE6fERsBUEZRSjJjtI-hqOqDs3VvBvH6gd3o2KeUS2V_zpuphPpYQEkapOeQgRTak9lHKSTqEQqa4j2lyHqekEeGvzPlqcHQGFccGifvLUXtP59jCuGJ86HDA9HL5kDzUT6n4Gi50HlYYIzNqhbjIxlqOuxO2IgIppSTWjQGeer34-PmKnOzKX8m_9DHPhif7TUf5uTV4OQWdhb0SxHnJ-CPu_z9FJ5ACekBQhz6YWS0_CY6j_ibucXzeVfZwLv1W47pjbt-l1Vl5VggSn2xVt69Q0GD9mPKpOhkKV_hyOL7i6haf7bq-gOKAwWDZy9pc3N1ZXJtL2lzc3VhbmNlRGF0ZW8vZXhwaXJhdGlvbkRhdGU" + }, + "type": [ + "VaccinationCertificate", + "VerifiableCredential" + ], + "@context": [ + "https://www.w3.org/ns/credentials/v2", + "https://w3id.org/vaccination/v1", + "https://w3id.org/security/bbs/v1" + ], + "issuer": "did:key:zUC7DQWuAVPvLFioEsN7KbLwuuSwiKHZhG7DyJBRPT9FN4LnaCbT7EkQFGyA32C9tfovnijMo9MtKQB7Fr5fDood26NiCNVJDpycMPT24gvRHvcyMGQQESzN54vGdJGxdCKQTW9" + } + ] +}, +"presentation_submission": { + "descriptor_map": [ + { + "format": "jose_vp", + "id": "citizenship", + "path": "$", + "path_nested": { + "path": "$.verifiableCredential[0]", + "format": "di_vp" + } + }, + { + "format": "jose_vp", + "id": "vaccination certificate", + "path_nested": { + "path": "$.verifiableCredential[1]", + "format": "di_vp" + } + } + ], + "definition_id": "f837a384-31b3-4947-b344-8180c62bea41", + "id": 
"d60ac9e4-7fcf-4303-af7b-722d2a62ebb3" +} \ No newline at end of file diff --git a/examples/response/id_token_is_jwt_vp.json b/examples/response/id_token_is_jwt_vp.json deleted file mode 100644 index c64d8a23..00000000 --- a/examples/response/id_token_is_jwt_vp.json +++ /dev/null 
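Review bot: The top-level object is closed by the `},` line just before `"presentation_submission"`, so that member and the final `}` fall outside it and the file is not a single JSON value; this looks like the closing brace of the removed `vp` wrapper left behind, and the array should end with `],` followed directly by `"presentation_submission": {`. The ID Token claims `iss`, `sub`, `iat` and `exp` of the deleted id_token_is_jwt_vp.json were replaced by `issuer`, `holder`, `validFrom` and `validUntil`, and the window given (2010 to 2015) ends years before `auth_time` 1615910535, so a verifier applying it would treat the token as expired; if relying parties are still expected to validate `exp` and `iat`, those claims should stay. Both `path_nested` entries give `"format": "di_vp"` for a credential, where the other response examples in this commit use `di_vc`.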
@@ -1,101 +0,0 @@ -{ - "iss": "https://self-issued.me/v2", - "aud": "https://book.itsourweb.org:3000/ohip", - "iat": 1615910538, - "exp": 1615911138, - "sub": "did:key:zUC728ZwioxiqLMp4LKmwkso1G3us1F9Az873MoEdDkni8GCAam5NeKqzVLjiynmtdGeBiJAbYe6BcqU2QmUBQQpiRf4HE9nmRFPqYwbVSNJcs4LEmrnzHLAVwN9iS76PD3W59W", - "auth_time": 1615910535, - "nonce": "960848874", - "vp": { - "@context": [ - "https://www.w3.org/2018/credentials/v1" - ], - "type": [ - "VerifiablePresentation" - ], - "verifiableCredential": [ - { - "credentialSubject": { - "givenName": "Marion", - "id": "did:key:zUC728ZwioxiqLMp4LKmwkso1G3us1F9Az873MoEdDkni8GCAam5NeKqzVLjiynmtdGeBiJAbYe6BcqU2QmUBQQpiRf4HE9nmRFPqYwbVSNJcs4LEmrnzHLAVwN9iS76PD3W59W", - "type": [ - "Person", - "PermanentResident" - ] - }, - "issuanceDate": "2021-09-09T10:21:48.674916400", - "id": "urn:bnid:_:c14n0", - "proof": { - "proofValue": "ABQPg4+Nm9EdC6Zjaqp9kXC42zokwN0wI8zfAg6oVURWSNs+kH9HBm3GY8F5oU5GjgabQMy5qUkd0SxvY0oPt9pR62zU/SPikvCf+KZJqwphOsjc+lS9DL5GjrlXM8ka7u+o2MWUUzFtId6PZohpb6NQBArXNZNC1yBlZTOskirx3LRGK3JcAaqWOd0m8BGU+VAC5kQAAAB0qE4+sb4A82RcoZNSfvevIbo3p2Oa+s9trJB2+a5AEu/PvIIDU3hAnqj2kgU58W/IAAAAAjI7A3j0AkR1eqGrUk0b15HpOnk+TzwGaLNqiUHPVxUXKLoAIcwJgzvcIWhCjuGekUTf3eq/JX+U3g9jmHTFS3SBw4kv87OcUtgtbvsU8jS7h6kbKErmTQ1joz5ybzdzG0OfmS9NUZWJeZXwO3hihgcAAAAKHKIjEFhOCKUSpD2d5uWfKpQ14+Mj7Lpv6DA912hRJr1wf3pAfBP5fMyov4J1lNSxecFyckpkn/qdX9ZVQeyYimC77/bmsu1A5dMHvw9THfDSmoR7CIs7bu/4tYrvpu9cPW8a1VXP8Yzx1+MqBbKIqtwippH0XSZL46Po41nfrKFCEEf0y1td7U2F3TTAY/974+uLQDg+EFcisMIsEW/UwhN8qnQFiTkfM3CFDBcxobtnPmQdV6qerJ04bmeuTOmkIpdZEsSbFKeE/9BPw4Y3sO36wlUXznobA5Ia/x24vTlugDfdT6Yp0TSWH3/D0jvnW8Y1IXxM+cG0on+iagg/pVHze8YpObOPA8wemPgWBVSAiAeAd/iajUR9Qml9PNpPaj5tZyBa8gqijXWMC7OoqBzgXNa2yI2DfEh1+qiJXeA=", - "created": "2021-09-09T08:21:50.832569", - "proofPurpose": "assertionMethod", - "type": "BbsBlsSignatureProof2020", - "verificationMethod": 
"did:key:zUC75L3fD1DJhbPaDxPJxnVWJ84JT8cQB45cgeJ1UMcFamZDtkPujCG7fuoQDy6JbsT3kCyx24i1k9NE7PoVwQbzifyH7eu4fsAmxXgArdwJ1wbZ3eKbtpPbLYK8QuuUfafxyoH#zUC75L3fD1DJhbPaDxPJxnVWJ84JT8cQB45cgeJ1UMcFamZDtkPujCG7fuoQDy6JbsT3kCyx24i1k9NE7PoVwQbzifyH7eu4fsAmxXgArdwJ1wbZ3eKbtpPbLYK8QuuUfafxyoH", - "nonce": "nVPbECQD9Mj3/Bdr8TBFCEFW1doz/rO9Ceq/C9fjK3yU7EZYaAAWuEGn+rA7kb+htQE=" - }, - "type": [ - "PermanentResidentCard", - "VerifiableCredential" - ], - "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://w3id.org/citizenship/v1", - "https://w3id.org/security/bbs/v1" - ], - "issuer": "did:key:zUC75L3fD1DJhbPaDxPJxnVWJ84JT8cQB45cgeJ1UMcFamZDtkPujCG7fuoQDy6JbsT3kCyx24i1k9NE7PoVwQbzifyH7eu4fsAmxXgArdwJ1wbZ3eKbtpPbLYK8QuuUfafxyoH" - }, - { - "credentialSubject": { - "nextVaccinationDate": "2021-08-16T13:40:12Z", - "dateOfVaccination": "2021-06-23T13:40:12Z", - "id": "did:key:zUC728ZwioxiqLMp4LKmwkso1G3us1F9Az873MoEdDkni8GCAam5NeKqzVLjiynmtdGeBiJAbYe6BcqU2QmUBQQpiRf4HE9nmRFPqYwbVSNJcs4LEmrnzHLAVwN9iS76PD3W59W", - "type": "VaccinationEvent", - "healthProfessional": "883110000015376" - }, - "issuanceDate": "2021-09-09T10:20:47.334854600", - "id": "urn:bnid:_:c14n0", - "proof": { - "proofValue": "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", - "created": "2021-09-09T08:20:49.679048", - "proofPurpose": "assertionMethod", - "type": "BbsBlsSignatureProof2020", - "verificationMethod": "did:key:zUC7DQWuAVPvLFioEsN7KbLwuuSwiKHZhG7DyJBRPT9FN4LnaCbT7EkQFGyA32C9tfovnijMo9MtKQB7Fr5fDood26NiCNVJDpycMPT24gvRHvcyMGQQESzN54vGdJGxdCKQTW9#zUC7DQWuAVPvLFioEsN7KbLwuuSwiKHZhG7DyJBRPT9FN4LnaCbT7EkQFGyA32C9tfovnijMo9MtKQB7Fr5fDood26NiCNVJDpycMPT24gvRHvcyMGQQESzN54vGdJGxdCKQTW9", - "nonce": "6xL3rtxD3H7F0hx/o5DSHDkpz27jmA7bpHaWYBKMxUBRhI9nD/PNFItFnm6t44uVjr0=" - }, - "type": [ - "VaccinationCertificate", - "VerifiableCredential" - ], - "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://w3id.org/vaccination/v1", - "https://w3id.org/security/bbs/v1" - ], - "issuer": 
"did:key:zUC7DQWuAVPvLFioEsN7KbLwuuSwiKHZhG7DyJBRPT9FN4LnaCbT7EkQFGyA32C9tfovnijMo9MtKQB7Fr5fDood26NiCNVJDpycMPT24gvRHvcyMGQQESzN54vGdJGxdCKQTW9" - } - ] - }, - "presentation_submission": { - "descriptor_map": [ - { - "format": "jwt_vp_json", - "id": "citizenship", - "path": "$", - "path_nested": { - "path": "$.vp.verifiableCredential[0]", - "format": "ldp_vp" - } - }, - { - "format": "jwt_vp", - "id": "vaccination certificate", - "path_nested": { - "path": "$.vp.verifiableCredential[1]", - "format": "ldp_vp" - } - } - ], - "definition_id": "f837a384-31b3-4947-b344-8180c62bea41", - "id": "d60ac9e4-7fcf-4303-af7b-722d2a62ebb3" - } -} \ No newline at end of file diff --git a/examples/response/id_token_ref_vp_token.json b/examples/response/id_token_ref_vp_token.json index 58b4ad07..b9adfcbe 100644 --- a/examples/response/id_token_ref_vp_token.json +++ b/examples/response/id_token_ref_vp_token.json @@ -18,10 +18,10 @@ "descriptor_map": [ { "id": "ID Card with constraints", - "format": "ldp_vp", + "format": "di_vp", "path": "$", "path_nested": { - "format": "ldp_vc", + "format": "di_vc", "path": "$.verifiableCredential[0]" } } diff --git a/examples/response/id_token_ref_vp_token_code.json b/examples/response/id_token_ref_vp_token_code.json index 25c00cae..2afb0f8b 100644 --- a/examples/response/id_token_ref_vp_token_code.json +++ b/examples/response/id_token_ref_vp_token_code.json @@ -13,10 +13,10 @@ "descriptor_map": [ { "id": "ID Card with constraints", - "format": "ldp_vp", + "format": "di_vp", "path": "$", "path_nested": { - "format": "ldp_vc", + "format": "di_vc", "path": "$.verifiableCredential[0]" } } diff --git a/examples/response/id_token_ref_vp_token_multple_vps.json b/examples/response/id_token_ref_vp_token_multple_vps.json index 0ae8b606..6818e68f 100644 --- a/examples/response/id_token_ref_vp_token_multple_vps.json +++ b/examples/response/id_token_ref_vp_token_multple_vps.json 
@@ -18,20 +18,20 @@
 "descriptor_map": [
 {
 "id": "ID Card with constraints",
- "format": "ldp_vp",
+ "format": "di_vp",
 "path": "$[0]",
 "path_nested": {
- "format": "ldp_vc",
+ "format": "di_vc",
 "path": "$[0].verifiableCredential[0]"
 }
 },
 {
 "id": "Ontario Health Insurance Plan",
- "format": "jwt_vp_json",
+ "format": "jose_vp",
 "path": "$[1].presentation",
 "path_nested": {
- "format": "jwt_vc",
- "path": "$[1].presentation.vp.verifiableCredential[0]"
+ "format": "jose_vc",
+ "path": "$[1].presentation.verifiableCredential[0]"
 }
 }
 ]
diff --git a/examples/response/jarm_jose_enc_only_vc_json_body.json b/examples/response/jarm_jose_enc_only_vc_json_body.json
new file mode 100644
index 00000000..e95fdbc7
--- /dev/null
+++ b/examples/response/jarm_jose_enc_only_vc_json_body.json
@@ -0,0 +1,18 @@
+{
+ "vp_token": "eyJhb...YMetA",
+ "presentation_submission": {
+ "definition_id": "example_jose_vc",
+ "id": "example_jose_vc_presentation_submission",
+ "descriptor_map": [
+ {
+ "id": "id_credential",
+ "path": "$",
+ "format": "jose_vp",
+ "path_nested": {
+ "path": "$.verifiableCredential[0]",
+ "format": "jose_vc"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/examples/response/jarm_jwt_vc_json_body.json b/examples/response/jarm_jose_vc_json_body.json
similarity index 61%
rename from examples/response/jarm_jwt_vc_json_body.json
rename to examples/response/jarm_jose_vc_json_body.json
index 96a60b52..a948dc30 100644
--- a/examples/response/jarm_jwt_vc_json_body.json
+++ b/examples/response/jarm_jose_vc_json_body.json
@@ -4,16 +4,16 @@
 "exp": 1573029723,
 "vp_token": "eyJhb...YMetA",
 "presentation_submission": {
- "definition_id": "example_jwt_vc",
- "id": "example_jwt_vc_presentation_submission",
+ "definition_id": "example_jose_vc",
+ "id": "example_jose_vc_presentation_submission",
 "descriptor_map": [
 {
 "id": "id_credential",
 "path": "$",
- "format": "jwt_vp_json",
+ "format": "jose_vp",
 "path_nested": {
- "path": "$.vp.verifiableCredential[0]",
- "format": "jwt_vc"
+ "path": "$.verifiableCredential[0]",
+ "format": "jose_vc"
 }
 }
 ]
diff --git a/examples/response/jarm_jwt_vc_json_post.txt b/examples/response/jarm_jose_vc_json_post.txt
similarity index 100%
rename from examples/response/jarm_jwt_vc_json_post.txt
rename to examples/response/jarm_jose_vc_json_post.txt
diff --git a/examples/response/jarm_jwt_enc_only_vc_json_body.json b/examples/response/jarm_jwt_enc_only_vc_json_body.json
deleted file mode 100644
index 591001ae..00000000
--- a/examples/response/jarm_jwt_enc_only_vc_json_body.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "vp_token": "eyJhb...YMetA",
- "presentation_submission": {
- "definition_id": "example_jwt_vc",
- "id": "example_jwt_vc_presentation_submission",
- "descriptor_map": [
- {
- "id": "id_credential",
- "path": "$",
- "format": "jwt_vp_json",
- "path_nested": {
- "path": "$.vp.verifiableCredential[0]",
- "format": "jwt_vc"
- }
- }
- ]
- }
-}
\ No newline at end of file
diff --git a/examples/response/jose_vp.json b/examples/response/jose_vp.json
new file mode 100644
index 00000000..78f50b24
--- /dev/null
+++ b/examples/response/jose_vp.json
@@ -0,0 +1,20 @@ +{ + "aud": "x509_san_uri:https://client.example.org/cb", + "id": "urn:uuid:3978344f-8596-4c3a-a978-8fcaba3903c5", + "issuer": "did:example:ebfeb1f712ebc6f1c276e12ec21", + "validFrom": "2021-11-01T00:00:00Z", + "validUntil": "2024-06-22T14:11:44Z", + "nonce": "n-0S6_WzA2Mj", + "@context": [ + "https://www.w3.org/ns/credentials/v2", + "https://www.w3.org/ns/credentials/examples/v2" + ], + "type": "VerifiablePresentation", + "verifiableCredential": [ + { + "@context": "https://www.w3.org/ns/credentials/v2", + "id": "data:application/vc+jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMzODQifQ.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.d2k4O3FytQJf83kLh-HsXuPvh6yeOlhJELVo5TF71gu7elslQyOf2ZItAXrtbXF4Kz9WivNdztOayz4VUQ0Mwa8yCDZkP9B2pH-9S_tcAFxeoeJ6Z4XnFuL_DOfkR1fP;data:application/vc+jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMzODQifQ.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.d2k4O3FytQJf83kLh-HsXuPvh6yeOlhJELVo5TF71gu7elslQyOf2ZItAXrtbXF4Kz9WivNdztOayz4VUQ0Mwa8yCDZkP9B2pH-9S_tcAFxeoeJ6Z4XnFuL_DOfkR1fP", + "type": "EnvelopedVerifiableCredential" + } + ] +} \ No newline at end of file diff --git a/examples/response/jwt_vp.json b/examples/response/jwt_vp.json deleted file mode 100644 index 023f0c2e..00000000 --- a/examples/response/jwt_vp.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "iss": "did:example:ebfeb1f712ebc6f1c276e12ec21", - "jti": "urn:uuid:3978344f-8596-4c3a-a978-8fcaba3903c5", - "aud": "x509_san_uri:https://client.example.org/cb", - "nbf": 1541493724, - "iat": 1541493724, - "exp": 1573029723, - "nonce": "n-0S6_WzA2Mj", - "vp": { - "@context": [ - "https://www.w3.org/2018/credentials/v1" - ], - "type": [ - "VerifiablePresentation" - ], - "verifiableCredential": [ - "eyJhb...ssw5c" - ] - } -} \ No newline at end of file diff --git a/examples/response/ldp_vp.json b/examples/response/ldp_vp.json deleted file mode 100644 index 69317de3..00000000 
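Review bot: The `id` of the `EnvelopedVerifiableCredential` in jose_vp.json contains two `data:application/vc+jwt,` URLs joined by `;`, so it is not a single data: URL and a verifier extracting the enveloped JWT would get a string that does not parse as one compact JWS; it looks as if the value was pasted twice, and one copy should be removed. The object names its signer with `issuer`, whereas dip_vp.json and vp_token_dip_vp.json identify the presenter with `holder`; if this value is meant to be the presenter, the same member should be used so readers know which one key binding is checked against. The `nbf`, `iat` and `exp` claims of the deleted jwt_vp.json have no counterpart here except `validFrom` and `validUntil`, and the example would benefit from a statement of which of them a verifier has to enforce.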
--- a/examples/response/ldp_vp.json
+++ /dev/null
@@ -1,54 +0,0 @@
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1"
- ],
- "type": [
- "VerifiablePresentation"
- ],
- "verifiableCredential": [
- {
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "id": "https://example.com/credentials/1872",
- "type": [
- "VerifiableCredential",
- "IDCredential"
- ],
- "issuer": {
- "id": "did:example:issuer"
- },
- "issuanceDate": "2010-01-01T19:23:24Z",
- "credentialSubject": {
- "given_name": "Max",
- "family_name": "Mustermann",
- "birthdate": "1998-01-11",
- "address": {
- "street_address": "Sandanger 25",
- "locality": "Musterstadt",
- "postal_code": "123456",
- "country": "DE"
- }
- },
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-03-19T15:30:15Z",
- "jws": "eyJhb...JQdBw",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:issuer#keys-1"
- }
- }
- ],
- "id": "ebc6f1c2",
- "holder": "did:example:holder",
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-03-19T15:30:15Z",
- "challenge": "n-0S6_WzA2Mj",
- "domain": "https://client.example.org/cb",
- "jws": "eyJhb...IAoDA",
- "proofPurpose": "authentication",
- "verificationMethod": "did:example:holder#key-1"
- }
-}
\ No newline at end of file
diff --git a/examples/response/presentation_submission.json b/examples/response/presentation_submission.json
index ba621db5..4125b476 100644
--- a/examples/response/presentation_submission.json
+++ b/examples/response/presentation_submission.json
@@ -4,10 +4,10 @@
 "descriptor_map": [
 {
 "id": "ID card with constraints",
- "format": "ldp_vp",
+ "format": "di_vp",
 "path": "$",
 "path_nested": {
- "format": "ldp_vc",
+ "format": "di_vc",
 "path": "$.verifiableCredential[0]"
 }
 }
diff --git a/examples/response/presentation_submission_multiple_vps.json b/examples/response/presentation_submission_multiple_vps.json
index f02d6e1a..73c41447 100644
--- a/examples/response/presentation_submission_multiple_vps.json
+++ b/examples/response/presentation_submission_multiple_vps.json
@@ -4,10 +4,10 @@
 "descriptor_map": [
 {
 "id": "ID Card with constraints",
- "format": "ldp_vp",
+ "format": "di_vp",
 "path": "$[0]",
 "path_nested": {
- "format": "ldp_vc",
+ "format": "di_vc",
 "path": "$.verifiableCredential[0]"
 }
 },
diff --git a/examples/response/ps_ldp_vc.json b/examples/response/ps_dip_vc.json
similarity index 53%
rename from examples/response/ps_ldp_vc.json
rename to examples/response/ps_dip_vc.json
index 2af49550..b1c331c3 100644
--- a/examples/response/ps_ldp_vc.json
+++ b/examples/response/ps_dip_vc.json
@@ -1,13 +1,13 @@
 {
- "definition_id": "example_ldp_vc",
- "id": "example_ldp_vc_presentation_submission",
+ "definition_id": "example_di_vc",
+ "id": "example_di_vc_presentation_submission",
 "descriptor_map": [
 {
 "id": "id_credential",
 "path": "$",
- "format": "ldp_vp",
+ "format": "di_vp",
 "path_nested": {
- "format": "ldp_vc",
+ "format": "di_vc",
 "path": "$.verifiableCredential[0]"
 }
 }
diff --git a/examples/response/ps_jose_vc.json b/examples/response/ps_jose_vc.json
new file mode 100644
index 00000000..80c69e63
--- /dev/null
+++ b/examples/response/ps_jose_vc.json
@@ -0,0 +1,15 @@
+{
+ "definition_id": "example_jose_vc",
+ "id": "example_jose_vc_presentation_submission",
+ "descriptor_map": [
+ {
+ "id": "id_credential",
+ "path": "$",
+ "format": "jose_vp",
+ "path_nested": {
+ "path": "$.verifiableCredential[0]",
+ "format": "jose_vc"
+ }
+ }
+ ]
+}
\ No newline at end of file
diff --git a/examples/response/ps_jwt_vc.json b/examples/response/ps_jwt_vc.json
deleted file mode 100644
index c8b3805d..00000000
--- a/examples/response/ps_jwt_vc.json
+++ /dev/null
@@ -1,15 +0,0 @@
-{
- "definition_id": "example_jwt_vc",
- "id": "example_jwt_vc_presentation_submission",
- "descriptor_map": [
- {
- "id": "id_credential",
- "path": "$",
- "format": "jwt_vp_json",
- "path_nested": {
- "path": "$.vp.verifiableCredential[0]",
- "format": "jwt_vc_json"
- }
- }
- ]
-}
\ No newline at end of file
diff --git a/examples/response/token_response_vp_token_ldp_vp.json b/examples/response/token_response_vp_token_dip_vp.json
similarity index 50%
rename from examples/response/token_response_vp_token_ldp_vp.json
rename to examples/response/token_response_vp_token_dip_vp.json
index 5e5bb64a..f48ffc2e 100644
--- a/examples/response/token_response_vp_token_ldp_vp.json
+++ b/examples/response/token_response_vp_token_dip_vp.json
@@ -6,7 +6,7 @@
 "id_token": "eyJ0 ... NiJ9.eyJ1c ... I6IjIifX0.DeWt4Qu ... ZXso",
 "vp_token": {
 "@context": [
- "https://www.w3.org/2018/credentials/v1"
+ "https://www.w3.org/ns/credentials/v2"
 ],
 "type": [
 "VerifiablePresentation"
@@ -14,8 +14,8 @@
 "verifiableCredential": [
 {
 "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
+ "https://www.w3.org/ns/credentials/v2",
+ "https://www.w3.org/ns/credentials/examples/v2"
 ],
 "id": "https://example.com/credentials/1872",
 "type": [
@@ -23,33 +23,36 @@
 "IDCardCredential"
 ],
 "issuer": {
- "id": "did:example:issuer"
+ "id": "did:example:issuer",
+ "name": "Example Issuer"
 },
- "issuanceDate": "2010-01-01T19:23:24Z",
+ "validFrom": "2010-01-01T19:23:24Z",
 "credentialSubject": {
 "given_name": "Fredrik",
 "family_name": "Strömberg",
 "birthdate": "1949-01-22"
 },
 "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-03-19T15:30:15Z",
- "jws": "eyJhb...JQdBw",
+ "type": "DataIntegrityProof",
+ "cryptosuite": "eddsa-rdfc-2022",
+ "created": "2021-11-13T18:19:39Z",
+ "verificationMethod": "did:example:issuer#key-1",
 "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:issuer#keys-1"
+ "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz"
 }
 }
 ],
 "id": "ebc6f1c2",
 "holder": "did:example:holder",
 "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-03-19T15:30:15Z",
+ "type": "DataIntegrityProof",
 "challenge": "n-0S6_WzA2Mj",
- "domain": "s6BhdRkqt3",
- "jws": "eyJhb...IAoDA",
- "proofPurpose": "authentication",
- "verificationMethod": "did:example:holder#key-1"
+ "domain": "https://client.example.org/cb",
+ "cryptosuite": "eddsa-rdfc-2022",
+ "created": "2021-11-13T18:19:39Z",
+ "verificationMethod": "did:example:holder#key-1",
+ "proofPurpose": "assertionMethod",
+ "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz"
 }
 }
 }
\ No newline at end of file
diff --git a/examples/response/vp_token_dip_vp.json b/examples/response/vp_token_dip_vp.json
new file mode 100644
index 00000000..0e9e2663
--- /dev/null
+++ b/examples/response/vp_token_dip_vp.json
@@ -0,0 +1,51 @@ +{ + "@context": [ + "https://www.w3.org/ns/credentials/v2", + ], + "type": [ + "VerifiablePresentation" + ], + "verifiableCredential": [ + { + "@context": [ + "https://www.w3.org/ns/credentials/v2", + "https://www.w3.org/ns/credentials/examples/v2" + ], + "id": "https://example.com/credentials/1872", + "type": [ + "VerifiableCredential", + "IDCardCredential" + ], + "issuer": { + "id": "did:example:issuer", + "name": "Example Issuer" + }, + "validFrom": "2010-01-01T19:23:24Z", + "credentialSubject": { + "given_name": "Fredrik", + "family_name": "Strömberg", + "birthdate": "1949-01-22" + }, + "proof": { + "type": "DataIntegrityProof", + "cryptosuite": "eddsa-rdfc-2022", + "created": "2021-11-13T18:19:39Z", + "verificationMethod": "did:example:issuer#key-1", + "proofPurpose": "assertionMethod", + "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz" + } + } + ], + "id": "ebc6f1c2", + "holder": "did:example:holder", + "proof": { + "type": "DataIntegrityProof", + "challenge": "n-0S6_WzA2Mj", + "domain": "https://client.example.org/cb", + "cryptosuite": "eddsa-rdfc-2022", + "created": "2021-11-13T18:19:39Z", + "verificationMethod": "did:example:holder#key-1", + "proofPurpose": "assertionMethod", + "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz" + } +} \ No newline at end of file diff --git a/examples/response/vp_token_ldp_vp_with_ps.json b/examples/response/vp_token_dip_vp_with_ps.json similarity index 56% rename from examples/response/vp_token_ldp_vp_with_ps.json rename to examples/response/vp_token_dip_vp_with_ps.json index 818030a7..40fe02b2 100644 --- a/examples/response/vp_token_ldp_vp_with_ps.json +++ b/examples/response/vp_token_dip_vp_with_ps.json @@ -1,6 +1,6 @@ { "@context": [ - "https://www.w3.org/2018/credentials/v1", + "https://www.w3.org/ns/credentials/v2", "https://identity.foundation/presentation-exchange/submission/v1" ], "type": [ 
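Review bot: The new vp_token_dip_vp.json is not valid JSON, because its top-level `"@context"` array ends with `"https://www.w3.org/ns/credentials/v2", ]` and a strict parser rejects the trailing comma. These files are included in the specification as examples, so an implementer who copies one gets a parse error. Drop the comma so the entry reads `"https://www.w3.org/ns/credentials/v2"`. The same trailing comma is added after `examples/v2` in vp_token_dip_vp_with_ps.json, in both `@context` arrays of vp_token_multiple_vps.json, and in both arrays of vp_token_raw_dip_vp.json. Running a JSON validity check over `examples/` as part of the build would catch these.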
@@ -10,8 +10,8 @@ "verifiableCredential": [ { "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://www.w3.org/2018/credentials/examples/v1" + "https://www.w3.org/ns/credentials/v2", + "https://www.w3.org/ns/credentials/examples/v2", ], "id": "https://example.com/credentials/1872", "type": [ @@ -19,20 +19,22 @@ "IDCardCredential" ], "issuer": { - "id": "did:example:issuer" + "id": "did:example:issuer", + "name": "Example Issuer" }, - "issuanceDate": "2010-01-01T19:23:24Z", + "validFrom": "2010-01-01T19:23:24Z", "credentialSubject": { "given_name": "Fredrik", "family_name": "Strömberg", "birthdate": "1949-01-22" }, "proof": { - "type": "Ed25519Signature2018", - "created": "2021-03-19T15:30:15Z", - "jws": "eyJhb...JQdBw", + "type": "DataIntegrityProof", + "cryptosuite": "eddsa-rdfc-2022", + "created": "2021-11-13T18:19:39Z", + "verificationMethod": "did:example:issuer#key-1", "proofPurpose": "assertionMethod", - "verificationMethod": "did:example:issuer#keys-1" + "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz" } } ], @@ -44,18 +46,19 @@ "descriptor_map": [ { "id": "ID Card with constraints", - "format": "ldp_vc", + "format": "di_vc", "path": "$.verifiableCredential[0]" } ] }, "proof": { - "type": "Ed25519Signature2018", - "created": "2021-03-19T15:30:15Z", + "type": "DataIntegrityProof", "challenge": "n-0S6_WzA2Mj", "domain": "https://client.example.org/cb", - "jws": "eyJhb...IAoDA", - "proofPurpose": "authentication", - "verificationMethod": "did:example:holder#key-1" + "cryptosuite": "eddsa-rdfc-2022", + "created": "2021-11-13T18:19:39Z", + "verificationMethod": "did:example:holder#key-1", + "proofPurpose": "assertionMethod", + "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz" } } \ No newline at end of file diff --git a/examples/response/vp_token_ldp_vp.json b/examples/response/vp_token_ldp_vp.json deleted file mode 100644 index f874e8c6..00000000 --- a/examples/response/vp_token_ldp_vp.json +++ /dev/null 
@@ -1,48 +0,0 @@ -{ - "@context": [ - "https://www.w3.org/2018/credentials/v1" - ], - "type": [ - "VerifiablePresentation" - ], - "verifiableCredential": [ - { - "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "id": "https://example.com/credentials/1872", - "type": [ - "VerifiableCredential", - "IDCardCredential" - ], - "issuer": { - "id": "did:example:issuer" - }, - "issuanceDate": "2010-01-01T19:23:24Z", - "credentialSubject": { - "given_name": "Fredrik", - "family_name": "Strömberg", - "birthdate": "1949-01-22" - }, - "proof": { - "type": "Ed25519Signature2018", - "created": "2021-03-19T15:30:15Z", - "jws": "eyJhb...JQdBw", - "proofPurpose": "assertionMethod", - "verificationMethod": "did:example:issuer#keys-1" - } - } - ], - "id": "ebc6f1c2", - "holder": "did:example:holder", - "proof": { - "type": "Ed25519Signature2018", - "created": "2021-03-19T15:30:15Z", - "challenge": "n-0S6_WzA2Mj", - "domain": "https://client.example.org/cb", - "jws": "eyJhb...IAoDA", - "proofPurpose": "authentication", - "verificationMethod": "did:example:holder#key-1" - } -} \ No newline at end of file diff --git a/examples/response/vp_token_multiple_vps.json b/examples/response/vp_token_multiple_vps.json index 0a8bf239..86f9f544 100644 --- a/examples/response/vp_token_multiple_vps.json +++ b/examples/response/vp_token_multiple_vps.json @@ -1,7 +1,7 @@ [ { "@context": [ - "https://www.w3.org/2018/credentials/v1" + "https://www.w3.org/ns/credentials/v2", ], "type": [ "VerifiablePresentation" @@ -9,8 +9,8 @@ "verifiableCredential": [ { "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://www.w3.org/2018/credentials/examples/v1" + "https://www.w3.org/ns/credentials/v2", + "https://www.w3.org/ns/credentials/examples/v2", ], "id": "https://example.com/credentials/1872", "type": [ 
@@ -18,33 +18,36 @@ "IDCardCredential" ], "issuer": { - "id": "did:example:issuer" + "id": "did:example:issuer", + "name": "Example Issuer" }, - "issuanceDate": "2010-01-01T19:23:24Z", + "validFrom": "2010-01-01T19:23:24Z", "credentialSubject": { "given_name": "Fredrik", "family_name": "Strömberg", "birthdate": "1949-01-22" }, "proof": { - "type": "Ed25519Signature2018", - "created": "2021-03-19T15:30:15Z", - "jws": "eyJhb...IAoDA", + "type": "DataIntegrityProof", + "cryptosuite": "eddsa-rdfc-2022", + "created": "2021-11-13T18:19:39Z", + "verificationMethod": "did:example:issuer#key-1", "proofPurpose": "assertionMethod", - "verificationMethod": "did:example:issuer#keys-1" + "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz" } } ], "id": "ebc6f1c2", "holder": "did:example:holder", "proof": { - "type": "Ed25519Signature2018", - "created": "2021-03-19T15:30:15Z", + "type": "DataIntegrityProof", "challenge": "n-0S6_WzA2Mj", "domain": "https://client.example.org/cb", - "jws": "eyJhb...JQdBw", - "proofPurpose": "authentication", - "verificationMethod": "did:example:holder#key-1" + "cryptosuite": "eddsa-rdfc-2022", + "created": "2021-11-13T18:19:39Z", + "verificationMethod": "did:example:holder#key-1", + "proofPurpose": "assertionMethod", + "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz" } }, "eyJhbGciOiAiRVMyNTYiLCAidHlwIjogInZjK3NkLWp3dCIsICJraWQiOiAiZG9jLXNp diff --git a/examples/response/vp_token_raw_dip_vp.json b/examples/response/vp_token_raw_dip_vp.json new file mode 100644 index 00000000..9062be60 --- /dev/null +++ b/examples/response/vp_token_raw_dip_vp.json 
@@ -0,0 +1,51 @@ +{ + "@context": [ + "https://www.w3.org/ns/credentials/v2", + ], + "type": [ + "VerifiablePresentation" + ], + "verifiableCredential": [ + { + "@context": [ + "https://www.w3.org/ns/credentials/v2", + "https://www.w3.org/ns/credentials/examples/v2", + ], + "id": "https://example.com/credentials/1872", + "type": [ + "VerifiableCredential", + "IDCardCredential" + ], + "issuer": { + "id": "did:example:issuer", + "name": "Example Issuer" + }, + "validFrom": "2010-01-01T19:23:24Z", + "credentialSubject": { + "given_name": "Fredrik", + "family_name": "Strömberg", + "birthdate": "1949-01-22" + }, + "proof": { + "type": "DataIntegrityProof", + "cryptosuite": "eddsa-rdfc-2022", + "created": "2021-11-13T18:19:39Z", + "verificationMethod": "did:example:issuer#key-1", + "proofPurpose": "assertionMethod", + "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz" + } + } + ], + "id": "ebc6f1c2", + "holder": "did:example:holder", + "proof": { + "type": "DataIntegrityProof", + "challenge": "n-0S6_WzA2Mj", + "domain": "https://client.example.org/cb", + "cryptosuite": "eddsa-rdfc-2022", + "created": "2021-11-13T18:19:39Z", + "verificationMethod": "did:example:holder#key-1", + "proofPurpose": "assertionMethod", + "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz" + } +} \ No newline at end of file diff --git a/examples/response/vp_token_raw_ldp_vp.json b/examples/response/vp_token_raw_ldp_vp.json deleted file mode 100644 index 56763cbb..00000000 --- a/examples/response/vp_token_raw_ldp_vp.json +++ /dev/null 
@@ -1,48 +0,0 @@
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1"
- ],
- "type": [
- "VerifiablePresentation"
- ],
- "verifiableCredential": [
- {
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "id": "https://example.com/credentials/1872",
- "type": [
- "VerifiableCredential",
- "IDCardCredential"
- ],
- "issuer": {
- "id": "did:example:issuer"
- },
- "issuanceDate": "2010-01-01T19:23:24Z",
- "credentialSubject": {
- "given_name": "Fredrik",
- "family_name": "Strömberg",
- "birthdate": "1949-01-22"
- },
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-03-19T15:30:15Z",
- "jws": "eyJhb...JQdBw",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:issuer#keys-1"
- }
- }
- ],
- "id": "ebc6f1c2",
- "holder": "did:example:holder",
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-03-19T15:30:15Z",
- "challenge": "n-0S6_WzA2Mj",
- "domain": "https://client.example.org/cb",
- "jws": "eyJhbG...IAoDA",
- "proofPurpose": "authentication",
- "verificationMethod": "did:example:holder#key-1"
- }
-}
\ No newline at end of file
diff --git a/openid-4-verifiable-presentations-1_0.md b/openid-4-verifiable-presentations-1_0.md
index 232cbba2..b7312c5a 100644
--- a/openid-4-verifiable-presentations-1_0.md
+++ b/openid-4-verifiable-presentations-1_0.md
@@ -104,7 +104,7 @@ Holder Binding: : Ability of the Holder to prove legitimate possession of a Verifiable Credential. Cryptographic Holder Binding: -: Ability of the Holder to prove legitimate possession of a Verifiable Credential by proving control over the same private key during the issuance and presentation. Mechanism might depend on the Credential Format. For example, in `jwt_vc_json` Credential Format, a Verifiable Credential with Cryptographic Holder Binding contains a public key or a reference to a public key that matches to the private key controlled by the Holder. +: Ability of the Holder to prove legitimate possession of a Verifiable Credential by proving control over the same private key during the issuance and presentation. Mechanism might depend on the Credential Format. For example, in `jose_vc` Credential Format, a Verifiable Credential with Cryptographic Holder Binding contains a public key or a reference to a public key that matches to the private key controlled by the Holder. Claims-based Holder Binding: : Ability of the Holder to prove legitimate possession of a Verifiable Credential by proofing certain claims, e.g., name and date of birth, for example by presenting another Verifiable Credential. Claims-based Holder Binding allows long term, cross device use of a Credential as it does not depend on cryptographic key material stored on a certain device. One example of such a Verifiable Credential could be a Diploma. @@ -398,9 +398,12 @@ Content-Type: application/json { "id": "id card credential", "format": { - "ldp_vc": { + "di_vc": { "proof_type": [ - "Ed25519Signature2018" + "DataIntegrityProof" + ], + "cryptosuite": [ + "ecdsa-sd-2023" ] } }, 
@@ -529,10 +532,10 @@ Location: https://client.example.org/universal-link? &redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb &presentation_definition=... &nonce=n-0S6_WzA2Mj - &client_metadata=%7B%22vp_formats%22:%7B%22jwt_vp_json%22:% - 7B%22alg%22:%5B%22EdDSA%22,%22ES256K%22%5D%7D,%22ldp - _vp%22:%7B%22proof_type%22:%5B%22Ed25519Signature201 - 8%22%5D%7D%7D%7D + &client_metadata=%7B%22vp_formats%22:%7B%22jose_vp%22:% + 7B%22alg%22:%5B%22EdDSA%22,%22ES256K%22%5D%7D,%22di + _vc%22:%7B%22proof_type%22:%5B%22DataIntegrityProof%22%5D,%22 + cryptosuite%22:%5B%22ecdsa-sd-2023%22%5D%7D%7D%7D ``` * `https`: This value indicates that the Client Identifier is an Entity Identifier defined in OpenID Federation [@!OpenID.Federation]. Since the Entity Identifier is already defined to start with `https:`, this Client Identifier Scheme MUST NOT be prefixed additionally. Processing rules given in [@!OpenID.Federation] MUST be followed. Automatic Registration as defined in [@!OpenID.Federation] MUST be used. The Authorization Request MAY also contain a `trust_chain` parameter. The final Verifier metadata is obtained from the Trust Chain after applying the policies, according to [@!OpenID.Federation]. The `client_metadata` parameter, if present in the Authorization Request, MUST be ignored when this Client Identifier scheme is used. Example Client Identifier: `https://federation-verifier.example.com`. @@ -589,8 +592,8 @@ POST /request HTTP/1.1 Host: client.example.org Content-Type: application/x-www-form-urlencoded - wallet_metadata=%7B%22vp_formats_supported%22%3A%7B%22jwt_vc_json%22%3A%7B%22alg_values_supported - %22%3A%5B%22ES256K%22%2C%22ES384%22%5D%7D%2C%22jwt_vp_json%22%3A%7B%22alg_values_supported%22%3A% + wallet_metadata=%7B%22vp_formats_supported%22%3A%7B%22jose_vc%22%3A%7B%22alg_values_supported + %22%3A%5B%22ES256K%22%2C%22ES384%22%5D%7D%2C%22jose_vp%22%3A%7B%22alg_values_supported%22%3A% 5B%22ES256K%22%2C%22EdDSA%22%5D%7D%7D%7D& wallet_nonce=qPmxiNFCR3QTm19POc8u ``` 
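Review bot: The re-encoded `client_metadata` value names `di_vc` inside `vp_formats` (split as `%22di` / `_vc%22` across the display line break), where the line it replaces had `ldp_vp` and the new value `jose_vp` sits next to it. A `vp_formats` entry describes presentation formats, so this looks like a slip for `di_vp`. A Wallet that matches on the format identifier would not find a Data Integrity presentation format in this request. The encoded fragment should read `%22di_vp%22:%7B%22proof_type%22...`.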
@@ -1008,7 +1011,7 @@ brevity): The following is a non-normative example of a VP Token containing a single Verifiable Presentation after a request using Presentation Exchange: -<{{examples/response/vp_token_raw_ldp_vp.json}} +<{{examples/response/vp_token_raw_di_vp.json}} The following is a non-normative example of a `presentation_submission` parameter sent alongside a VP Token in the example above. It corresponds to the second Presentation Definition example in (#request_presentation_definition): @@ -1145,7 +1148,7 @@ If the JWT is only a JWE, the following processing rules MUST be followed: The following is a non-normative example of the payload of a JWT used in an Authorization Response that is encrypted and not signed: -<{{examples/response/jarm_jwt_enc_only_vc_json_body.json}} +<{{examples/response/jarm_jose_enc_only_vc_json_body.json}} The JWT response document MUST include the `vp_token` and, if Presentation Exchange was used in the request, the `presentation_submission` parameters as defined in (#response-parameters). 
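Review bot: The include `<{{examples/response/vp_token_raw_di_vp.json}}` does not match the file this commit adds, which is `examples/response/vp_token_raw_dip_vp.json`, so the example would not resolve when the document is built. Either the path here or the file name needs to change so that one spelling (`di` or `dip`) is used throughout. The later includes `examples/credentials/di_vc.json`, `examples/response/ps_di_vc.json` and `examples/response/di_vp.json` should be checked against the renamed files in the same way. The `jarm_jose_*` includes in this and the following hunk also point at new names whose renames are not visible in this part of the diff.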
@@ -1161,13 +1164,13 @@ This specification also defines a new Response Mode `direct_post.jwt`, which all The Response Mode `direct_post.jwt` causes the Wallet to send the Authorization Response using an HTTP POST request instead of redirecting back to the Verifier as defined in (#response_mode_post). The Wallet adds the `response` parameter containing the JWT as defined in Section 4.1. of [@!JARM] and (#jarm) in the body of an HTTP POST request using the `application/x-www-form-urlencoded` content type. The names and values in the body MUST be encoded using UTF-8. -The following is a non-normative example of a response using the `presentation_submission` and `vp_token` values from (#jwt_vc). (line breaks for display purposes only): +The following is a non-normative example of a response using the `presentation_submission` and `vp_token` values from (#jose_cose_sdjwt_vc). (line breaks for display purposes only): -<{{examples/response/jarm_jwt_vc_json_post.txt}} +<{{examples/response/jarm_jose_vc_json_post.txt}} The following is a non-normative example of the payload of the JWT used in the example above before base64url encoding and signing: -<{{examples/response/jarm_jwt_vc_json_body.json}} +<{{examples/response/jarm_jose_vc_json_body.json}} ## Transaction Data {#transaction_data} @@ -1278,13 +1281,13 @@ The following is a non-normative example of a `vp_formats_supported` parameter: ```json "vp_formats_supported": { - "jwt_vc_json": { + "jose_vc": { "alg_values_supported": [ "ES256K", "ES384" ] }, - "jwt_vp_json": { + "jose_vp": { "alg_values_supported": [ "ES256K", "EdDSA" @@ -1377,10 +1380,10 @@ The following is a non-normative example of a set of static configuration values "vp_token" ], "vp_formats_supported": { - "jwt_vp_json": { + "jose_vp": { "alg_values_supported": ["ES256"] }, - "jwt_vc_json": { + "jose_vc": { "alg_values_supported": ["ES256"] } }, 
@@ -1511,7 +1514,7 @@ The `client_id` is used to detect the presentation of Verifiable Credentials to Note: Different formats for Verifiable Presentations and signature/proof schemes use different ways to represent the intended audience and the session binding. Some use claims to directly represent those values, others include the values into the calculation of cryptographic proofs. There are also different naming conventions across the different formats. In case Presentation Exchange is used in the Authorization Request, the format of the respective presentation is determined from the format information in the presentation submission in the Authorization Response. If DCQL was used, the format was defined by the Verifier in the request. -The following is a non-normative example of the payload of a Verifiable Presentation of a format identifier `jwt_vp_json`: +The following is a non-normative example of the payload of a Verifiable Presentation of a format identifier `jose_vp`: ```json { 
@@ -1522,21 +1525,24 @@ The following is a non-normative example of the payload of a Verifiable Presenta "nbf": 1541493724, "iat": 1541493724, "exp": 1573029723, - "vp": { - "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "type": ["VerifiablePresentation"], - - "verifiableCredential": [""] - } + "@context": [ + "https://www.w3.org/ns/credentials/v2", + "https://www.w3.org/ns/credentials/examples/v2" + ], + "type": "VerifiablePresentation", + "verifiableCredential": [ + { + "@context": "https://www.w3.org/ns/credentials/v2", + "id": "data:application/vc+jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMzODQifQ.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.d2k4O3FytQJf83kLh-HsXuPvh6yeOlhJELVo5TF71gu7elslQyOf2ZItAXrtbXF4Kz9WivNdztOayz4VUQ0Mwa8yCDZkP9B2pH-9S_tcAFxeoeJ6Z4XnFuL_DOfkR1fP;data:application/vc+jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMzODQifQ.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.d2k4O3FytQJf83kLh-HsXuPvh6yeOlhJELVo5TF71gu7elslQyOf2ZItAXrtbXF4Kz9WivNdztOayz4VUQ0Mwa8yCDZkP9B2pH-9S_tcAFxeoeJ6Z4XnFuL_DOfkR1fP", + "type": "EnvelopedVerifiableCredential" + } + ] } ``` In the example above, the requested `nonce` value is included as the `nonce` and `client_id` as the `aud` value in the proof of the Verifiable Presentation. -The following is a non-normative example of a Verifiable Presentation of a format identifier `ldp_vp` without a `proof` property: +The following is a non-normative example of a Verifiable Presentation of a format identifier `di_vp` with an embedded `proof` property: ```json { 
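Review bot: The `id` of the enveloped credential appears to hold the same `data:application/vc+jwt,` URL twice, joined by `;`, since the header and signature segments repeat verbatim after the separator. A consumer that takes everything after the media type as the compact JWS would get a string that does not parse as one token. The example should carry a single data URL, i.e. the value should end after the first signature segment.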
@@ -1544,13 +1550,14 @@ The following is a non-normative example of a Verifiable Presentation of a forma "type": "VerifiablePresentation", "verifiableCredential": [ ... ], "proof": { - "type": "RsaSignature2018", - "created": "2018-09-14T21:19:10Z", - "proofPurpose": "authentication", - "verificationMethod": "did:example:ebfeb1f712ebc6f1c276e12ec21#keys-1", + "type": "DataIntegrityProof", + "cryptosuite": "eddsa-rdfc-2022", + "created": "2021-11-13T18:19:39Z", + "verificationMethod": "https://university.example/issuers/14#key-1", "challenge": "343s$FSFDa-", "domain": "s6BhdRkqt3", - "jws": "eyJhb...nKb78" + "proofPurpose": "assertionMethod", + "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz" } } ``` @@ -1639,28 +1646,34 @@ In the event that another component is invoked instead of the Wallet, the End-Us {backmatter} - + - Verifiable Credentials Data Model 1.1 + Verifiable Credentials Data Model v2.0 Digital Bazaar - - ConsenSys + + OpenLink Software - - Digital Bazaar + + W3C - - ConsenSys + + Invited Expert - - Evernym + + Block + + + Digital Bazaar University of Kent - + + Transmute + + 
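Review bot: The presentation proof now names `https://university.example/issuers/14#key-1` as its `verificationMethod`, which reads as an issuer key, while the same proof carries the `challenge` and `domain` that bind the presentation to the Verifier's request. A presentation proof is produced by the Holder, so the example should reference a holder key, as the JSON example files do with `"verificationMethod": "did:example:holder#key-1"`. As written, a reader could infer that a signature from the issuer's key satisfies the replay check this section describes.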
@@ -2051,19 +2064,19 @@ OpenID for Verifiable Presentations is Credential Format agnostic, i.e., it is d W3C Verifiable Credentials may use an additional parameter for the `descriptor_map` with the `presentation_submission`: The `path_nested` object inside an Input Descriptor Mapping Object is used to describe how to find a returned Credential within a Verifiable Presentation, and contains a `format` parameter with the Credential format identifier as a value and a `path` parameter with a relative path to the Verifiable Credential. Non-normative examples can be found further in this section. -### VC signed as a JWT, not using JSON-LD {#jwt_vc} +### VCs and VPs secured using JOSE, COSE, and SD-JWT {#jose_cose_sdjwt_vc} -This section illustrates presentation of a Credential conformant to [@VC_DATA] that is signed using JWS, and does not use JSON-LD. +This section illustrates presentation of a Credential conformant to [@VC_DATA] that is signed using JOSE, COSE, and SD-JWT. -The Credential format identifiers are `jwt_vc_json` for a W3C Verifiable Credential and `jwt_vp_json` for W3C Verifiable Presentation. +The Credential format identifiers are `jose_vc` for a W3C Verifiable Credential and `jose_vp` for W3C Verifiable Presentation using JOSE, `cose_vc` for a W3C Verifiable Credential and `cose_vp` from a W3C Verifiable Presentation using COSE, and `sdjwt_vc` for a W3C Verifiable Credential and `sdjwt_vp` for a W3C Verifiable Presentation using SD-JWT. Cipher suites should use algorithm names defined in [IANA JOSE Algorithms Registry](https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms). 
#### Example Credential -The following is a non-normative example of the payload of a JWT-based W3C Verifiable Credential that will be used throughout this section: +The following is a non-normative example of the payload of a JOSE-based W3C Verifiable Credential that will be used throughout this section: -<{{examples/credentials/jwt_vc.json}} +<{{examples/credentials/jose_vc.json}} #### Presentation Request @@ -2075,9 +2088,9 @@ The requirements regarding the Credential to be presented are conveyed in the `p The following is a non-normative example of the contents of a `presentation_definition` parameter: -<{{examples/request/pd_jwt_vc.json}} +<{{examples/request/pd_jose_vc.json}} -This `presentation_definition` parameter contains a single `input_descriptor` element, which sets the desired format to JWT VC and defines a constraint over the `vc.type` parameter to select Verifiable Credentials of type `IDCredential`. +This `presentation_definition` parameter contains a single `input_descriptor` element, which sets the desired format to JOSE VC and defines a constraint over the `vc.type` parameter to select Verifiable Credentials of type `IDCredential`. #### Presentation Response 
@@ -2087,27 +2100,27 @@ The following is a non-normative example of an Authorization Response: The following is a non-normative example of the content of the `presentation_submission` parameter: -<{{examples/response/ps_jwt_vc.json}} +<{{examples/response/ps_jose_vc.json}} The following is a non-normative example of the payload of the Verifiable Presentation in the `vp_token` parameter provided in the same response and referred to by the `presentation_submission` above: -<{{examples/response/jwt_vp.json}} +<{{examples/response/jose_vp.json}} Note: The VP's `nonce` claim contains the value of the `nonce` of the presentation request and the `aud` claim contains the Client Identifier of the Verifier. This allows the Verifier to detect replay of a Presentation as recommended in (#preventing-replay). -### LDP VCs +### Data Integrity Proof VCs This section illustrates presentation of a Credential conformant to [@VC_DATA] that is secured using Data Integrity, using JSON-LD. -The Credential format identifiers are `ldp_vc` for a W3C Verifiable Credential and `ldp_vp` for W3C Verifiable Presentation. +The Credential format identifiers are `di_vc` for a W3C Verifiable Credential and `di_vp` for W3C Verifiable Presentation. -Cipher suites should use signature suites names defined in [Linked Data Cryptographic Suite Registry](https://w3c-ccg.github.io/ld-cryptosuite-registry/). +Cipher suites should use securing mechanisms names defined in [Securing Mechanisms sectino of the Verifiable Credential Extensions Note](https://www.w3.org/TR/vc-extensions/#securing-mechanisms). #### Example Credential The following is a non-normative example of the payload of a Verifiable Credential that will be used throughout this section: -<{{examples/credentials/ldp_vc.json}} +<{{examples/credentials/di_vc.json}} #### Presentation Request 
@@ -2117,9 +2130,9 @@ The following is a non-normative example of an Authorization Request: The following is a non-normative example of the contents of a `presentation_definition` parameter that contains the requirements regarding the Credential to be presented: -<{{examples/request/pd_ldp_vc.json}} +<{{examples/request/pd_di_vc.json}} -This `presentation_definition` parameter contains a single `input_descriptor` element, which sets the desired format to LDP VC and defines a constraint over the `type` parameter to select Verifiable Credentials of type `IDCredential`. +This `presentation_definition` parameter contains a single `input_descriptor` element, which sets the desired format to DI VC and defines a constraint over the `type` parameter to select Verifiable Credentials of type `IDCredential`. #### Presentation Response @@ -2129,11 +2142,11 @@ The following is a non-normative example of an Authorization Response: The following is a non-normative example of the content of the `presentation_submission` parameter: -<{{examples/response/ps_ldp_vc.json}} +<{{examples/response/ps_di_vc.json}} The following is a non-normative example of the Verifiable Presentation in the `vp_token` parameter provided in the same response and referred to by the `presentation_submission` above: -<{{examples/response/ldp_vp.json}} +<{{examples/response/di_vp.json}} Note: The VP's `challenge` claim contains the value of the `nonce` of the presentation request and the `domain` claims contains the Client Identifier of the Verifier. This allows the Verifier to detect replay of a presentation as recommended in (#preventing-replay). 
@@ -2167,7 +2180,7 @@ The following is a non-normative example of the content of the `presentation_def <{{examples/request/pd_ac_vc.json}} -The `format` object in the `input_descrioptor` element uses the format identifier `ac_vc` as defined above and sets the `proof_type` to `CLSignature2019` to denote this descriptor requires a Credential in AnonCreds format signed with a CL signature (Camenisch-Lysyanskaya signature). The rest of the expressions operate on the AnonCreds JSON structure. +The `format` object in the `input_descriptor` element uses the format identifier `ac_vc` as defined above and sets the `proof_type` to `CLSignature2019` to denote this descriptor requires a Credential in AnonCreds format signed with a CL signature (Camenisch-Lysyanskaya signature). The rest of the expressions operate on the AnonCreds JSON structure. The `constraints` object requires the selected Credential to conform with the schema definition `did:indy:idu:test:3QowxFtwciWceMFr7WbwnM:2:BasicScheme:0\\.1`, which is denoted as a constraint over the AnonCred's `schema_id` parameter. diff --git a/schema/request.json b/schema/request.json index b42109fa..6304bef1 100644 --- a/schema/request.json +++ b/schema/request.json @@ -30,7 +30,7 @@ "format": { "type": "object", "patternProperties": { - "^jwt$|^jwt_vc$|^jwt_vp$": { + "^jwt$|^jose_vc$|^jose_vp$|^cose_vc$|^cose_vp$|^sdjwt_vc$|^sdjwt_vp$": { "type": "object", "properties": { "alg": { @@ -42,13 +42,18 @@ "required": ["alg"], "additionalProperties": false }, - "^ldp_vc$|^ldp_vp$|^ldp$": { + "^di_vc$|^di_vp$|^di$": { "type": "object", "properties": { "proof_type": { "type": "array", "minItems": 1, "items": { "type": "string" } + }, + "cryptosuite": { + "type": "array", + "minItems": 1, + "items": { "type": "string" } } }, "required": ["proof_type"], diff --git a/vp_token_vp_jwt.json b/vp_token_vp_jose.json similarity index 77% rename from vp_token_vp_jwt.json rename to vp_token_vp_jose.json index 6e195561..e6e484ba 100644 
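Review bot: `cryptosuite` is added to the `di_*` format object in schema/request.json, but `"required"` still lists only `proof_type`. With `DataIntegrityProof` as the proof type used throughout the examples, `cryptosuite` is the only member that names the signature algorithm, so a request that validates against this schema can leave the accepted suites unconstrained. Consider `"required": ["proof_type", "cryptosuite"]`, or a conditional that requires `cryptosuite` whenever `proof_type` contains `DataIntegrityProof`. The format object continues past the end of this hunk, so its remaining keywords are not visible here.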
--- a/vp_token_vp_jwt.json
+++ b/vp_token_vp_jose.json
@@ -1,6 +1,6 @@
 [
 {
- "format": "vp_jwt",
+ "format": "vp_jose",
 "presentation": "ewogICAgImlzcyI6Imh0dHBzOi8vYm9vay5pdHNvdXJ3ZWIub...IH0="
 }
 ]
\ No newline at end of file