Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Notes on additional testing for ECDSA-SD #38

Open
aljones15 opened this issue Feb 7, 2024 · 0 comments
Open

Notes on additional testing for ECDSA-SD #38

aljones15 opened this issue Feb 7, 2024 · 0 comments

Comments

@aljones15
Copy link
Contributor

aljones15 commented Feb 7, 2024

Author @Wind4Greg

After an initial round of testing with the suites I put down some notes on some of the subtleties of testing ECDSA-SD. Take a look and let me know if you have any questions.

Notes on additional testing for ECDSA-SD
Unlike ecdsa-rdfc-2019 and ecdsa-jcs-2019, ecdsa-sd-2023 has three (or four) rather than two fundamental functions to be tested. These are roughly

Add Base: inputs: unsigned document, mandatory pointers. returns a signed base document. Can use the VC-API: issue credential API but need to supplement the options object to support mandatoryPointers or have it as a separate item.

Verify Base: technically not required in the specification, but needed to know if someones base proof meets the spec. inputs: signed base document. In my ECDSA-SD library I provide a high level function for this. Could use the VC-API: verify credential API to check this.

Derive Proof: inputs: signed base document, selective pointers; Returns signed derived document. Can use the VC-API derive credential API, however the frame field is out of date and should be replace by a selectivePointers field of type array.

Verify Derived: input: signed derived document, Returns true or false; Should use the VC-API: verify credential API to check this.

Proof Value Checking
For both base proof and derived proof the encoding is base64url-no-pad-encoding and not base-58-btc and starts with a u and not a z. In addition the decoded proofs should start with the following bytes:

base proof header bytes 0xd9, 0x5d, and 0x00
disclosure proof header bytes 0xd9, 0x5d, and 0x01

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant