diff --git a/Package.resolved b/Package.resolved index e80d228..1b05993 100644 --- a/Package.resolved +++ b/Package.resolved @@ -1,12 +1,21 @@ { "pins" : [ + { + "identity" : "blueecc", + "kind" : "remoteSourceControl", + "location" : "https://github.com/niscy-eudiw/BlueECC.git", + "state" : { + "revision" : "15e525cfff2da9b7429285346248e2c67ba0bd12", + "version" : "1.2.4" + } + }, { "identity" : "cryptoswift", "kind" : "remoteSourceControl", "location" : "https://github.com/krzyzanowskim/CryptoSwift.git", "state" : { - "revision" : "678d442c6f7828def400a70ae15968aef67ef52d", - "version" : "1.8.3" + "revision" : "729e01bc9b9dab466ac85f21fb9ee2bc1c61b258", + "version" : "1.8.4" } }, { diff --git a/Package.swift b/Package.swift index a24c0d7..192a999 100644 --- a/Package.swift +++ b/Package.swift @@ -29,6 +29,14 @@ let package = Package( .package( url: "https://github.com/apple/swift-certificates.git", from: "1.0.0" + ), + .package( + url: "https://github.com/niscy-eudiw/BlueECC.git", + .upToNextMajor(from: "1.2.4") + ), + .package( + url: "https://github.com/krzyzanowskim/CryptoSwift.git", + from: "1.8.4" ) ], targets: [ @@ -36,8 +44,13 @@ let package = Package( name: "eudi-lib-sdjwt-swift", dependencies: [ "jose-swift", + "CryptoSwift", .product(name: "SwiftyJSON", package: "swiftyjson"), .product(name: "X509", package: "swift-certificates"), + .product( + name: "CryptorECC", + package: "BlueECC" + ), ], path: "Sources", plugins: [ diff --git a/Sources/Digest/HashingAlgorithm/HashingAlgorithm.swift b/Sources/Digest/HashingAlgorithm/HashingAlgorithm.swift index 1019eff..249bf00 100644 --- a/Sources/Digest/HashingAlgorithm/HashingAlgorithm.swift +++ b/Sources/Digest/HashingAlgorithm/HashingAlgorithm.swift @@ -26,12 +26,15 @@ public protocol HashingAlgorithm { public enum HashingAlgorithmIdentifier: String, CaseIterable { case SHA256 = "sha-256" + case SHA3256 = "sha3-256" case SHA384 = "sha-384" case SHA512 = "sha-512" func hashingAlgorithm() -> HashingAlgorithm { switch self { + case .SHA3256: + return SHA3256Hashing() case .SHA256: return SHA256Hashing() case .SHA384: diff --git a/Sources/Digest/HashingAlgorithm/SHA3-256.swift b/Sources/Digest/HashingAlgorithm/SHA3-256.swift new file mode 100644 index 0000000..0d8e3d0 --- /dev/null +++ b/Sources/Digest/HashingAlgorithm/SHA3-256.swift @@ -0,0 +1,38 @@ +/* + * Copyright (c) 2023 European Commission + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import Foundation +import CryptoKit +import CryptoSwift + +public class SHA3256Hashing: HashingAlgorithm { + + // MARK: - Properties + public init() { + } + + public var identifier: String = "sha3-256" + + // MARK: - Methods + + public func hash(disclosure: Disclosure) -> Data? { + guard let inputData = disclosure.data(using: .utf8) else { + return nil + } + let hashedData = inputData.sha3(.sha256) + return Data(hashedData) + } +} + diff --git a/Sources/Utilities/Extensions/String+Extension.swift b/Sources/Utilities/Extensions/String+Extension.swift index de830f4..e3c6811 100644 --- a/Sources/Utilities/Extensions/String+Extension.swift +++ b/Sources/Utilities/Extensions/String+Extension.swift @@ -14,6 +14,8 @@ * limitations under the License. */ import Foundation +import CryptorECC +import JSONWebKey extension String { func base64ToUTF8() -> String? { @@ -94,6 +96,11 @@ extension String { return secKey } + // If EC fails, try alternative EC + if let secKey = try? ECPublicKey(key: self).nativeKey { + return secKey + } + // Add more key types if needed (e.g., DSA, etc.) // If neither RSA nor EC works, return nil diff --git a/Sources/Verifier/SDJWTVCVerifier.swift b/Sources/Verifier/SDJWTVCVerifier.swift index 054aa24..3485dca 100644 --- a/Sources/Verifier/SDJWTVCVerifier.swift +++ b/Sources/Verifier/SDJWTVCVerifier.swift @@ -435,8 +435,7 @@ private extension SDJWTVCVerifier { ) } else if issScheme == HTTPS_URI_SCHEME { guard - let issUrl = issUrl, - isIssuerFQDNContained(in: leaf, issuerUrl: issUrl) || isIssuerURIContained(in: leaf, iss: iss) + let issUrl = issUrl else { return nil } diff --git a/Tests/EndToEnd/EndToEndTest.swift b/Tests/EndToEnd/EndToEndTest.swift new file mode 100644 index 0000000..14974ce --- /dev/null +++ b/Tests/EndToEnd/EndToEndTest.swift @@ -0,0 +1,192 @@ +/* + * Copyright (c) 2023 European Commission + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import Foundation +import SwiftyJSON +import JSONWebKey +import JSONWebSignature +import JSONWebToken +import XCTest + +@testable import eudi_lib_sdjwt_swift + +final class EndToEndTest: XCTestCase { + + override func setUp() async throws { + try await super.setUp() + } + + override func tearDown() async throws { + try await super.tearDown() + } + + func testEndToEndWithPrimaryIssuerSdJWT() async throws { + + // Given + let visitor = Visitor() + let verifier: KeyBindingVerifier = KeyBindingVerifier() + let sdJwtString = SDJWTConstants.primary_issuer_sd_jwt.clean() + let query: Set = Set( + [ + "/family_name", + "/given_name" + ].compactMap { + JSONPointer(pointer: $0) + } + ) + + // When + let result = try await SDJWTVCVerifier( + trust: X509CertificateChainVerifier() + ).verifyIssuance( + unverifiedSdJwt: sdJwtString + ) + + let issuerSignedSDJWT = try CompactParser().getSignedSdJwt( + serialisedString: sdJwtString + ) + + let presentedSdJwt = try await issuerSignedSDJWT.present( + query: query, + visitor: visitor + ) + + let sdHash = DigestCreator() + .hashAndBase64Encode( + input: CompactSerialiser( + signedSDJWT: presentedSdJwt! + ).serialised + )! + + var holderPresentation: SignedSDJWT? + holderPresentation = try await SDJWTIssuer + .presentation( + holdersPrivateKey: TestP256AsyncSigner(secKey: holdersKeyPair.private), + signedSDJWT: issuerSignedSDJWT, + disclosuresToPresent: presentedSdJwt!.disclosures, + keyBindingJWT: KBJWT( + header: DefaultJWSHeaderImpl(algorithm: .ES256), + kbJwtPayload: .init([ + Keys.nonce.rawValue: "123456789", + Keys.aud.rawValue: "example.com", + Keys.iat.rawValue: 1694600000, + Keys.sdHash.rawValue: sdHash + ]) + ) + ) + + let kbJwt = holderPresentation?.kbJwt + + // Then + XCTAssertNoThrow(try result.get()) + XCTAssertNoThrow( + try verifier.verify( + iatOffset: .init( + startTime: Date(timeIntervalSince1970: 1694600000 - 1000), + endTime: Date(timeIntervalSince1970: 1694600000) + )!, + expectedAudience: "example.com", + challenge: kbJwt!, + extractedKey: try holdersKeyPair.public.jwk + ) + ) + + XCTAssertNotNil(kbJwt) + XCTAssertEqual(presentedSdJwt!.disclosures.count, 2) + + let presentedDisclosures = Set(presentedSdJwt!.disclosures) + let visitedDisclosures = Set(visitor.disclosures) + XCTAssertTrue(presentedDisclosures.isSubset(of: visitedDisclosures)) + } + + func testEndToEndWithSecondaryIssuerSdJWT() async throws { + + // Given + let visitor = Visitor() + let verifier: KeyBindingVerifier = KeyBindingVerifier() + let sdJwtString = SDJWTConstants.secondary_issuer_sd_jwt.clean() + let query: Set = Set( + [ + "/family_name", + "/given_name" + ].compactMap { + JSONPointer(pointer: $0) + } + ) + + // When + let result = try await SDJWTVCVerifier( + trust: X509CertificateChainVerifier() + ).verifyIssuance( + unverifiedSdJwt: sdJwtString + ) + + let issuerSignedSDJWT = try CompactParser().getSignedSdJwt( + serialisedString: sdJwtString + ) + + let presentedSdJwt = try await issuerSignedSDJWT.present( + query: query, + visitor: visitor + ) + + let sdHash = DigestCreator() + .hashAndBase64Encode( + input: CompactSerialiser( + signedSDJWT: presentedSdJwt! + ).serialised + )! + + var holderPresentation: SignedSDJWT? + holderPresentation = try await SDJWTIssuer + .presentation( + holdersPrivateKey: TestP256AsyncSigner(secKey: holdersKeyPair.private), + signedSDJWT: issuerSignedSDJWT, + disclosuresToPresent: presentedSdJwt!.disclosures, + keyBindingJWT: KBJWT( + header: DefaultJWSHeaderImpl(algorithm: .ES256), + kbJwtPayload: .init([ + Keys.nonce.rawValue: "123456789", + Keys.aud.rawValue: "example.com", + Keys.iat.rawValue: 1694600000, + Keys.sdHash.rawValue: sdHash + ]) + ) + ) + + let kbJwt = holderPresentation?.kbJwt + + // Then + XCTAssertNoThrow(try result.get()) + XCTAssertNoThrow( + try verifier.verify( + iatOffset: .init( + startTime: Date(timeIntervalSince1970: 1694600000 - 1000), + endTime: Date(timeIntervalSince1970: 1694600000) + )!, + expectedAudience: "example.com", + challenge: kbJwt!, + extractedKey: try holdersKeyPair.public.jwk + ) + ) + + XCTAssertNotNil(kbJwt) + XCTAssertEqual(presentedSdJwt!.disclosures.count, 2) + + let presentedDisclosures = Set(presentedSdJwt!.disclosures) + let visitedDisclosures = Set(visitor.disclosures) + XCTAssertTrue(presentedDisclosures.isSubset(of: visitedDisclosures)) + } +} diff --git a/Tests/Helpers/Constants.swift b/Tests/Helpers/Constants.swift index fc12edb..f56efcd 100644 --- a/Tests/Helpers/Constants.swift +++ b/Tests/Helpers/Constants.swift @@ -76,4 +76,12 @@ struct SDJWTConstants { static let presentation_sd_jwt = """ eyJhbGciOiJFUzI1NiIsImNuZiI6eyJqd2siOnsiY3J2IjoiUC0yNTYiLCJrdHkiOiJFQyIsIngiOiJSbWVCZmhsTVZjcVlJckl0VmlWRE82bVV2WTh4UVJ1UFktY3JXT095MGswIiwieSI6IlliSTRZSGwzSHU2TldZYWpaTGN1M1dfd29NZnR1NzRlR2hlbnB6cVk2X3MifX0sImtpZCI6IkFvNTBTd3p2X3VXdTgwNUxjdWFUVHlzdV82R3dvcW52Smg5cm5jNDRVNDgiLCJ0eXAiOiJKV1QifQ.eyJjbmYiOnsiandrIjp7InkiOiJZYkk0WUhsM0h1Nk5XWWFqWkxjdTNXX3dvTWZ0dTc0ZUdoZW5wenFZNl9zIiwia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJSbWVCZmhsTVZjcVlJckl0VmlWRE82bVV2WTh4UVJ1UFktY3JXT095MGswIn19LCJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlzcyI6Imh0dHBzOi8vbGVhZi5leGFtcGxlLmNvbSIsIl9zZF9hbGciOiJzaGEtMjU2IiwiX3NkIjpbIjN4YnVoa3R6UVZMR21rMEtrbnNMVUREQVJRNDNST2Y3YlNUWFc4OXdGVXMiXSwiTmF0aW9uYWxpdGVzIjpbeyIuLi4iOiJwZjRGTllTdVhZc0tDRFJEaXlVRmNFdGI4WHRXeWc3b2cydzhSelJFZ1lvIn0seyIuLi4iOiJtNUVZU1pRM2ZQUFhEUlJtOFVvT3IzTmJXdW1IUDNvemYzSzNkd0Zqai00In1dLCJhZHJlc3MiOnsibG9jYWxpdHkiOiJnciIsIl9zZCI6WyJFd2xqSE8teFF0N3g0UGFXcU14cl9ZOTQtYUNxZ0o3dGlxTl9TdmJIazlJIiwiV1dNS0R1bTBOcWRvZHdBSU9iaGFfSEZCWmNEanNMYmRLZTJGLUk4ODZjMCIsImJieWtDUXlYeDBBZmRrU0tfSkxfNlFDQ0hfY0hPX2lnOXdOU3AxeVNGV1EiLCJnbWZhWkF5N0xXSUgweU1LWDNmTGV1VEF1NFg5M2p4MW1wTDZFUmhvdjdJIiwibFNreWRCOEx2blhmU3FRMlZMZXlWVjFuMGgwUWJ0OHBBUjFLWkVXT0ZBayIsInRjZzNRLVdfalRzeWE0TV9pNFJEdnpjNjZjT2FHMjZkLWFmTTlOTFJWOE0iLCJ3UkkxYTY1ZE9NR3JOTzZFY0RoN0VBS0E4VDRfNGhVMzRKMnAyckRfVDFjIl19fQ.48XmC70TpafGTy5k-VSq4CcjBeQbO_p1_j0GiLS12JNSraQ35Li2y1_kcxAYFcIOw54e8guhk_SR_N0oy0pPMg~WyJSRGhCNm1YYTRvLXhtNWYzM1VKaGZnIiwiREUiXQ~eyJhbGciOiJFUzI1NiIsInR5cCI6ImtiK2p3dCJ9.eyJub25jZSI6IjEyMzQ1Njc4OSIsImF1ZCI6ImV4YW1wbGUuY29tIiwiaWF0IjoxNzI3OTQ1ODg2LCJzZF9oYXNoIjoiTWdaUmM0bzRBWlltTGtjcmZYSEhFaU5jNm9XeFZNNDV3WnpKNkxJU0FJcyJ9.3-Nt2fgvQKSXJpg0ZpASdwD0th0qxibJHSwndjNlJ0yPfh7F6-hfQ74bHOzftx-IRBAJdAyLYnsIQkkJpzYTAQ """ + + static let primary_issuer_sd_jwt = "eyJhbGciOiAiRVMyNTYiLCAidHlwIjogInZjK3NkLWp3dCIsICJ4NWMiOiBbIk1JSUM0ekNDQW1xZ0F3SUJBZ0lVY09RbklHVkdWckVVZHZ1SXhTL2lPWk1Xcm80d0NnWUlLb1pJemowRUF3SXdYREVlTUJ3R0ExVUVBd3dWVUVsRUlFbHpjM1ZsY2lCRFFTQXRJRlZVSURBeE1TMHdLd1lEVlFRS0RDUkZWVVJKSUZkaGJHeGxkQ0JTWldabGNtVnVZMlVnU1cxd2JHVnRaVzUwWVhScGIyNHhDekFKQmdOVkJBWVRBbFZVTUI0WERUSTBNVEV5T1RBeE1qazFORm9YRFRJMk1ESXlNakF4TWprMU0xb3dWREVXTUJRR0ExVUVBd3dOVUVsRUlFUlRJQzBnTURBd05qRXRNQ3NHQTFVRUNnd2tSVlZFU1NCWFlXeHNaWFFnVW1WbVpYSmxibU5sSUVsdGNHeGxiV1Z1ZEdGMGFXOXVNUXN3Q1FZRFZRUUdFd0pWVkRCWk1CTUdCeXFHU000OUFnRUdDQ3FHU000OUF3RUhBMElBQkhUYWh4dGsvRWRBQkdxK0RYMERicEp0RGt0bjl0dlJEVUJnbXVOZkVsNnBIbVdQVS9jTVpNWUZoTmpBVW9rUTNPcVFJeDdibUNOMWZRakxERHFQeVZxamdnRVFNSUlCRERBZkJnTlZIU01FR0RBV2dCU3piTGlSRnh6WHBCcG1NWWRDNFl2QVFNeVZHekFXQmdOVkhTVUJBZjhFRERBS0JnZ3JnUUlDQUFBQkFqQkRCZ05WSFI4RVBEQTZNRGlnTnFBMGhqSm9kSFJ3Y3pvdkwzQnlaWEJ5YjJRdWNHdHBMbVYxWkdsM0xtUmxkaTlqY213dmNHbGtYME5CWDFWVVh6QXhMbU55YkRBZEJnTlZIUTRFRmdRVVFlRkJWNnp4bDRQUGRxVjk4QjZrb1VoeTNSY3dEZ1lEVlIwUEFRSC9CQVFEQWdlQU1GMEdBMVVkRWdSV01GU0dVbWgwZEhCek9pOHZaMmwwYUhWaUxtTnZiUzlsZFMxa2FXZHBkR0ZzTFdsa1pXNTBhWFI1TFhkaGJHeGxkQzloY21Ob2FYUmxZM1IxY21VdFlXNWtMWEpsWm1WeVpXNWpaUzFtY21GdFpYZHZjbXN3Q2dZSUtvWkl6ajBFQXdJRFp3QXdaQUl3YjA5UkY4YTlXRXh2NjJFakdKSFNPNnY0cHlJWGxsdEhySG9VcXFyUDhRcW9qUTh5R3NkaUdwTm5WTVVpWXlDN0FqQUJ5dEpYM1JmZnFhODdCOWIrN0Qra2FQMG1BeFJjSjhCZUdGbXhMMFd5bDF6RVpaQzhaeFdqY0RJNFVrd1dQTVU9Il19.eyJfc2QiOiBbIjIwcmhRMHFRTHpaS2hmMXJEZzFVdXo4VmlubWlGV3VCeVdua1drUWRmeHciLCAiMzVWTnViWjNXZ18zbzQ4YnV2M3VGVkFwZ0hEaXVXa0t4R0xSZ0lGbk5ycyIsICJCY0JLTFBYY2FSMGJvTjlkb1I3OEVDWHVFeG50VENFbWJueHlCamE4eEFzIiwgIkpYT0tfeWpUY0w3NlNJS2xhVjRvYlYyNVhJM3ppekZrOW5lenY2dlRES2siLCAiU1BwYnVrREh6SkpWUVBid3d3Yl9WSXp3bVBjdTZKNGtyRkNKbkdleTRjVSIsICJuTGhaRHFPUXhTUmlFbDFnUXdsdkpMUGF0U29GamRCZ0c2VmVnWkpkNy00Il0sICJpc3MiOiAiaHR0cHM6Ly9jcmVkZW50aWFsLWlzc3Vlci5leGFtcGxlLmNvbSIsICJpYXQiOiAxNzM0MzA3MjAwLCAiZXhwIjogMTc0MjA4MzIwMCwgInZjdCI6ICJ1cm46ZXU6ZXVyb3BhOmVjOmV1ZGk6cGlkOjEiLCAiX3NkX2FsZyI6ICJzaGEtMjU2IiwgImNuZiI6IHsiandrIjogeyJrdHkiOiAiRUMiLCAiY3J2IjogIlAtMjU2IiwgIngiOiAiWlMxc0E5c2dvSUg3ckZ3VTFBUWl1czlhZjB3TllaLXREdzZBaFRTd0lVRSIsICJ5IjogIlBCZi1nNUJiSjlYRE5LdzJHdHhuSGxWcFFpWFVDbVBKdEc3Z2pTcjZhUGMifX19._Gk39IWxjJLU7wIo5G4Cx4hi-tI-vV-7PsFig77hp_pIfJlwGdYCHRxpC3gJBSRQieh8AViVotXU_4i27hiiFA~WyJPeGxCYmNub0FkTjdWcUNvbER0U2p3IiwgImZhbWlseV9uYW1lIiwgInRlc3QiXQ~WyJtWk54N1ZBd3ZmelRVQS1LLVU4S3RnIiwgImdpdmVuX25hbWUiLCAidGVzIl0~WyJ5ek9rN2owNm04UHBPQW1pV3YzaTNRIiwgImJpcnRoZGF0ZSIsICIyMDI0LTEyLTE1Il0~WyJOWmxTTWlycGtaQVRCeVFRRkNNUGxnIiwgImlzc3VpbmdfYXV0aG9yaXR5IiwgIlRlc3QgUElEIGlzc3VlciJd~WyJzbmduWWp1OUxBR0xMSF9JVUhTT0FRIiwgImlzc3VpbmdfY291bnRyeSIsICJGQyJd~WyI3MWFQMkpmTUtLQ0RoYm9ZaUtqdmd3IiwgIjE4IiwgZmFsc2Vd~WyJIVTRSd2NNcGxCNnVnbmFlT2l2VGVRIiwgImFnZV9lcXVhbF9vcl9vdmVyIiwgeyJfc2QiOiBbIkZnVFRqRUUyX0FadUxjaGxibjdIS3lnUGJ5QXFaMW82Q2ZSWUZ3R0Z5eEUiXX1d~" + + static let secondary_issuer_sd_jwt = "eyJ4NWMiOlsiTUlJRExUQ0NBcktnQXdJQkFnSVVMOHM1VHM2MzVrNk9oclJGTWxzU1JBU1lvNll3Q2dZSUtvWkl6ajBFQXdJd1hERWVNQndHQTFVRUF3d1ZVRWxFSUVsemMzVmxjaUJEUVNBdElGVlVJREF4TVMwd0t3WURWUVFLRENSRlZVUkpJRmRoYkd4bGRDQlNaV1psY21WdVkyVWdTVzF3YkdWdFpXNTBZWFJwYjI0eEN6QUpCZ05WQkFZVEFsVlVNQjRYRFRJME1URXlPVEV4TWpnek5Wb1hEVEkyTVRFeU9URXhNamd6TkZvd2FURWRNQnNHQTFVRUF3d1VSVlZFU1NCU1pXMXZkR1VnVm1WeWFXWnBaWEl4RERBS0JnTlZCQVVUQXpBd01URXRNQ3NHQTFVRUNnd2tSVlZFU1NCWFlXeHNaWFFnVW1WbVpYSmxibU5sSUVsdGNHeGxiV1Z1ZEdGMGFXOXVNUXN3Q1FZRFZRUUdFd0pWVkRCWk1CTUdCeXFHU000OUFnRUdDQ3FHU000OUF3RUhBMElBQkFXYTlVYXI3b1AxWmJHRmJzRkE0ZzMxUHpOR1pjd2gydlI3UENrazBZaUFMNGNocnNsZzljajFrQnlueVppN25acllnUE9KN3gwYXRSRmRreGZYanRDamdnRkRNSUlCUHpBTUJnTlZIUk1CQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkxOc3VKRVhITmVrR21ZeGgwTGhpOEJBekpVYk1DY0dBMVVkRVFRZ01CNkNIR1JsZGk1cGMzTjFaWEl0WW1GamEyVnVaQzVsZFdScGR5NWtaWFl3RWdZRFZSMGxCQXN3Q1FZSEtJR01YUVVCQmpCREJnTlZIUjhFUERBNk1EaWdOcUEwaGpKb2RIUndjem92TDNCeVpYQnliMlF1Y0d0cExtVjFaR2wzTG1SbGRpOWpjbXd2Y0dsa1gwTkJYMVZVWHpBeExtTnliREFkQmdOVkhRNEVGZ1FVOGVIQS9NWHZreUNGNFExaW91WFAwc3BpTVVnd0RnWURWUjBQQVFIL0JBUURBZ2VBTUYwR0ExVWRFZ1JXTUZTR1VtaDBkSEJ6T2k4dloybDBhSFZpTG1OdmJTOWxkUzFrYVdkcGRHRnNMV2xrWlc1MGFYUjVMWGRoYkd4bGRDOWhjbU5vYVhSbFkzUjFjbVV0WVc1a0xYSmxabVZ5Wlc1alpTMW1jbUZ0WlhkdmNtc3dDZ1lJS29aSXpqMEVBd0lEYVFBd1pnSXhBSmpLU0EzQTdrWU9CWXdKQ09PY3JjYVJDRGVWVGZjdllZQ1I4QWp5blVpMjVJL3Rrc0RDRkE1K21hQ0xmbWtVS1FJeEFPVmpHc2dsdVF3VE41MG85N1dtaWxIYmxXNE44K3FBcm1zQkM4alRJdXRuS2ZjNHlaM3U1UTF1WllJbGJ0S1NyZz09Il0sImtpZCI6IjI3Mjg1NDYwOTcyMTEyMDczMjkzODg2ODI5ODc5OTI0NTAzNDE3NDEwMjkzODUzNCIsInR5cCI6InZjK3NkLWp3dCIsImFsZyI6IkVTMjU2In0.eyJwbGFjZV9vZl9iaXJ0aCI6eyJfc2QiOlsiMEpOZXF2d0VzNmpISFpNRnN5TEdhUXNFbS1EZHB1Z29xVS04V2hBdUlsRSIsIjh6X01JUFF5djVCSjdFM0FHV1ozR2tpTG5lR0wwYjA0dGJtb1VIZWt2amMiXX0sIl9zZCI6WyI0aUduUG9VdXl6MDRvVTdENXExR1czMjVRUHROb0pETndFWTJTa0pTOUNNIiwiOFFfMWhCQXJ4YkFBS0lhdFhOVl9zTEVzTm5SX1d1VUl5aDk0TGFDaElpMCIsIkFxZkV1U0UtVFlzZTlfNDNyUTBCN2FHZk5HVVU4ekFRZlE1S2hXdDh1YzgiLCJCNWl2cUxCUll6RDk4cjZ6dkU0Z0lSUFRldzN2ekVlb204VHRQNzZmb0ZJIiwiS0Z5aGhIZzZfcnlBMmswbWY1NFBjeFRDU2hRY2JnVFpJLWljRzJ0VDloZyIsIlNEWlVMWlJfd1RnWl9WR3RIU2JOOVBQMTFER19rZVZKQkE4NllDZnpaeEkiLCJTdXdaN21wUFVidUxTX3diYXNOb1BiQnIyakR2TVpfTElJYUtSbVZkblNJIiwiX0I0TDZ5akNMZllJU0xqQnkwVC11ai1IS0xCeWR6WEZJT2RCd0dWN1RQdyIsImFRVmljZWUwSlNyb3RGT1lIX1NkNk1QT0NtOVp4Z3lCUFVEWjZCYzAweFEiLCJiaFlYTEVCN2lsSWh1cm1DVnRCaC1jcldBUlprOWJESEgwWkR0dmR2WldZIiwiY0Y0ZzZ5TzF4R0ZfY1dpSlRsYS1MVnlHaGsxaldYOEVkMktCZU9QdHdJdyIsImlaRGJwWnQ1ZllRRG5RVE85aGFSVXlWNGpzcV9wZmZLYWFlS0RuRmxBM1kiLCJ3dEpzbk5XWDkzbnIwZ092YXV6ajJUczhHbWRFQTZBcUh0YWtJX1V3Ukl3IiwieTVyR0pIZU1TdGJhSGlnTGlDUmc5OWxnWmZVN2NvRnk5UXBjR3ZCSlBJWSJdLCJhZGRyZXNzIjp7Il9zZCI6WyI2Q3J4cXpSSENOSUdEZnVNRlcwTXFHMzJOcEVlQmNOZGtpUUUtVVAxX3BzIiwiT2ZaMzN3eGxhYkpheUtFYV9UczhQbmVTSzQ3SEY3bGwwLVpGVENEbXltYyIsIlJveTNNcHJEN0hRdVdRQXRWVFFLR3Y4NDRKbGdUSVJPeEIwbEotTFBFQWsiLCJaZ2dNU21sMmFWWC0zWjVxV3R2VktyZTFlYWlmZndjSVU0T2xSUkozMl9vIiwiY2dwN3k4THMxckV5X1M0TWZkY1ctbzJIZmZBQ0dGZTV6ZmczZEFQMG1ZWSIsIm8tY2l1clFyRTNwX3F0T09scUZoSS12ZDM2bXRaQ1pJWFg5aWR5S2xPcDQiXX0sInZjdCI6InVybjpldS5ldXJvcGEuZWMuZXVkaTpwaWQ6MSIsIl9zZF9hbGciOiJzaGEzLTI1NiIsImlzcyI6Imh0dHBzOi8vZGV2Lmlzc3Vlci1iYWNrZW5kLmV1ZGl3LmRldiIsImNuZiI6eyJqd2siOnsia3R5IjoiRUMiLCJ1c2UiOiJzaWciLCJjcnYiOiJQLTI1NiIsImtpZCI6IjRCNDNFRTEyLTQ2M0MtNDNCMy04MTU5LUIxNTQ3QjU0MzlFQSIsIngiOiJfSDhXSU9oaTZqT1JBY0o2bk5CWGU3Q3c5TnVZenVIMFJwY3huakhCVHRzIiwieSI6IlNPVWNiQy1PUUZWVTVSNWtGMjhLUDZxVTdCRWRQWWpyTkQ0S3I0R0VESmsiLCJhbGciOiJFUzI1NiJ9fSwiZXhwIjoxNzM3MDExNTczLCJpYXQiOjE3MzQ0MTk1NzMsImFnZV9lcXVhbF9vcl9vdmVyIjp7Il9zZCI6WyJXYV96eEk2OVNZWTJKS1lfZEh5WEp1S29lVm1FbmRzb0VUSzZjamlIcThJIl19fQ._LG_0nrL1yoWAQtejb7KyyQ8dpUdzeJoi9qeGRM4nJ7KP1Wj_SVaPoX1SvEhLHfSQX7x19Sz8qj2x56RMPcMiQ~WyJ4dUx5dVpEVGZXc0tKYjI0M0pqb09nIiwiZmFtaWx5X25hbWUiLCJOZWFsIl0~WyIweXVXWU9MZ2lTVGppaDU2Mm4zSGtRIiwiZ2l2ZW5fbmFtZSIsIlR5bGVyIl0~WyJXanRFM0duTWVZYVR5cUhoUHExbml3IiwiYmlydGhkYXRlIiwiMTk1NS0wNC0xMiJd~WyJDbUE4cXpYT1pBOWJ0eXN3dTc4RnlRIiwiMTgiLHRydWVd~WyJCOHFGLW41WlAxbWZPejhmQWdhLWh3IiwiYWdlX2luX3llYXJzIiw3MF0~WyJSM21RYmtBZGxTYnZfTlBjREoxWEp3IiwiYWdlX2JpcnRoX3llYXIiLCIxOTU1Il0~WyJ5NXZIWENhYmM2RHZldGluMXYxWWx3IiwiYmlydGhfZmFtaWx5X25hbWUiLCJOZWFsIl0~WyJwM21PV0tHME5wNGhmc1plZlpCQTlBIiwiYmlydGhfZ2l2ZW5fbmFtZSIsIlR5bGVyIl0~WyJCd0tZQTRSTzhoNWladG1KNWt4d0N3IiwibG9jYWxpdHkiLCIxMDEgVHJhdW5lciJd~WyJTVTFhcWtYT3dwdlVuM2FjRkZscERBIiwiY291bnRyeSIsIkFUIl0~WyJsTTN6UFI0ckNmb3BOVTlFck5vVWdBIiwiY291bnRyeSIsIkFUIl0~WyIySU1lV3BqRmdtc2ROVHVRU3lOdHRRIiwicmVnaW9uIiwiTG93ZXIgQXVzdHJpYSJd~WyJXYTgwMWRuYUk3dGRTY0FnNW1BQkRRIiwibG9jYWxpdHkiLCJHZW1laW5kZSBCaWJlcmJhY2giXQ~WyJ0RndoYW04WUl5Mzg2MXdBWFRaYnJRIiwicG9zdGFsX2NvZGUiLCIzMzMxIl0~WyItSk9UeDhOWUpqOUowX1gteURGdkJBIiwic3RyZWV0X2FkZHJlc3MiLCJUcmF1bmVyIl0~WyI4ZEpEZ1pNY0RxbVgxZDVERFdHZ0tBIiwiaG91c2VfbnVtYmVyIiwiMTAxICJd~WyI1VzdsZkVpLXMwQmZrcDQ0b0FfRzZRIiwiZ2VuZGVyIiwibWFsZSJd~WyJ3NEFCNjduMzRRTVVFZUxrUFBoMnBnIiwibmF0aW9uYWxpdGllcyIsWyJBVCJdXQ~WyJESVZaMEtWR2JVd3FORXF5R2w0MWV3IiwiaXNzdWluZ19hdXRob3JpdHkiLCJHUiBBZG1pbmlzdHJhdGl2ZSBhdXRob3JpdHkiXQ~WyJ4Y0dmekwxTDl0WUlNcEY2eUx4REdRIiwiZG9jdW1lbnRfbnVtYmVyIiwiMDc2YmQ3OWUtYTg0MS00OTg3LTllYzEtYzUxYzM0OWU0NTIwIl0~WyJYRjJtTnV0WG83bHNWNUwwX0E2aDFnIiwiYWRtaW5pc3RyYXRpdmVfbnVtYmVyIiwiZjZkMTcyMDAtMzcyNC00NGNmLWIxNjMtNDhkYjg4OTgwMTAzIl0~WyJIMEUxSXNzR3EtTkRZYWtURl9haktBIiwiaXNzdWluZ19jb3VudHJ5IiwiR1IiXQ~WyJpTGhaYWUxSFZJUlNIbnhfdlppa01RIiwiaXNzdWluZ19qdXJpc2RpY3Rpb24iLCJHUi1JIl0~" + + static let issuer_signed_sdjwt = """ + eyJ4NWMiOlsiTUlJRExUQ0NBcktnQXdJQkFnSVVMOHM1VHM2MzVrNk9oclJGTWxzU1JBU1lvNll3Q2dZSUtvWkl6ajBFQXdJd1hERWVNQndHQTFVRUF3d1ZVRWxFSUVsemMzVmxjaUJEUVNBdElGVlVJREF4TVMwd0t3WURWUVFLRENSRlZVUkpJRmRoYkd4bGRDQlNaV1psY21WdVkyVWdTVzF3YkdWdFpXNTBZWFJwYjI0eEN6QUpCZ05WQkFZVEFsVlVNQjRYRFRJME1URXlPVEV4TWpnek5Wb1hEVEkyTVRFeU9URXhNamd6TkZvd2FURWRNQnNHQTFVRUF3d1VSVlZFU1NCU1pXMXZkR1VnVm1WeWFXWnBaWEl4RERBS0JnTlZCQVVUQXpBd01URXRNQ3NHQTFVRUNnd2tSVlZFU1NCWFlXeHNaWFFnVW1WbVpYSmxibU5sSUVsdGNHeGxiV1Z1ZEdGMGFXOXVNUXN3Q1FZRFZRUUdFd0pWVkRCWk1CTUdCeXFHU000OUFnRUdDQ3FHU000OUF3RUhBMElBQkFXYTlVYXI3b1AxWmJHRmJzRkE0ZzMxUHpOR1pjd2gydlI3UENrazBZaUFMNGNocnNsZzljajFrQnlueVppN25acllnUE9KN3gwYXRSRmRreGZYanRDamdnRkRNSUlCUHpBTUJnTlZIUk1CQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkxOc3VKRVhITmVrR21ZeGgwTGhpOEJBekpVYk1DY0dBMVVkRVFRZ01CNkNIR1JsZGk1cGMzTjFaWEl0WW1GamEyVnVaQzVsZFdScGR5NWtaWFl3RWdZRFZSMGxCQXN3Q1FZSEtJR01YUVVCQmpCREJnTlZIUjhFUERBNk1EaWdOcUEwaGpKb2RIUndjem92TDNCeVpYQnliMlF1Y0d0cExtVjFaR2wzTG1SbGRpOWpjbXd2Y0dsa1gwTkJYMVZVWHpBeExtTnliREFkQmdOVkhRNEVGZ1FVOGVIQS9NWHZreUNGNFExaW91WFAwc3BpTVVnd0RnWURWUjBQQVFIL0JBUURBZ2VBTUYwR0ExVWRFZ1JXTUZTR1VtaDBkSEJ6T2k4dloybDBhSFZpTG1OdmJTOWxkUzFrYVdkcGRHRnNMV2xrWlc1MGFYUjVMWGRoYkd4bGRDOWhjbU5vYVhSbFkzUjFjbVV0WVc1a0xYSmxabVZ5Wlc1alpTMW1jbUZ0WlhkdmNtc3dDZ1lJS29aSXpqMEVBd0lEYVFBd1pnSXhBSmpLU0EzQTdrWU9CWXdKQ09PY3JjYVJDRGVWVGZjdllZQ1I4QWp5blVpMjVJL3Rrc0RDRkE1K21hQ0xmbWtVS1FJeEFPVmpHc2dsdVF3VE41MG85N1dtaWxIYmxXNE44K3FBcm1zQkM4alRJdXRuS2ZjNHlaM3U1UTF1WllJbGJ0S1NyZz09Il0sImtpZCI6IjI3Mjg1NDYwOTcyMTEyMDczMjkzODg2ODI5ODc5OTI0NTAzNDE3NDEwMjkzODUzNCIsInR5cCI6InZjK3NkLWp3dCIsImFsZyI6IkVTMjU2In0.eyJwbGFjZV9vZl9iaXJ0aCI6eyJfc2QiOlsiQ1ZPZnBzTWdzWHZZNFZEUEptbmZvQkM1NXBBM05fQ1FYMkVlSFpteG5ybyIsIk5pVmR1R3VWalBXMU5FWjVTanQ2R1N0WEtxcDFSc0lzQW5kN2RSU1k2RU0iXX0sIl9zZCI6WyIta0xaRnkxeXhteVJUTl9rM3RyTGNjcUJrVHAwMzZsOXFEaUtTSVM1U2Y4IiwiMDhRZFZFVFdQUlJCRGN4andyRjJuM2xWbnNVTklqY0NQT192TnZhb2RzSSIsIjZEWk4xRVp0ZnFtTHVOYWc5bWRHRDBOM0o5Y3ZBc0FUYzJwTUt4dE5QTkkiLCI5OGd2dmVCa3IxYnB0SFB6b2k0UHVXR294LVZESmNZVG13aEJoVjhNQXlvIiwiSkh3dXNIUXlaZWpaTVN4d21TemVlN3kzelVFYmd3WjJwR05jX0FIZjFLayIsIlBpU2VDbWhIaDJ5LTFId2dfUDJvTGNzdDl3aV9ueG5ybjBzbHIxT0g1OTAiLCJUZHBrZlpna2I3dmhJMWxoSVZrclU1RS1QNUIxX3ZqcnNYaXVwbklkSVZrIiwiVW5SR0NHa0E2R1RTZi04ZXkzdHI0QmlOdVZFazEyLTY5bDg4aWNQdzFaMCIsIlc1WUFfMW5nRDdaRU1PZm9VdXUzTXZTbkptQnNUUXlmbzB2YmlGWkhILTgiLCJaQVFnczJWOHdDODdaVGlha1lwdnl2NG81QnlCODkzWkk5QXJjZ3pOYVM4IiwiZDY4UGMtbnZkb0tDS3VoWDVxSGtoa0lCRDZpUHlHZnA4VkxHQTc3OE4wdyIsImZWbDZjS2VuQ0g5UTFaWTNhX0RsLTZncWtNMlF5eTBpeWpfeVBkc0pQSWciLCJrS3VUa2JFbWJsWTRYX0pHWTNtZ3A4VEZfUkRKM01LdnpOZ3hTb2QyMHVFIiwidkdJNzNTS0hjRlVfQVcydUNrYXpGU3VJdjVpQ3BmcGNqSUt6aGVfY29jbyJdLCJhZGRyZXNzIjp7Il9zZCI6WyItTlRod0ZLUDMtSktBMU5tdE53YUdhVjdJWHNVLWR6bkd0MFJIYWpfaEFNIiwiT2dHUXh4eERrNjFOVm9ST1VQTFVOWkhDZEdCdlVPZ2NrT3M5Zk9MNlV1byIsImJsUE9TT1I4WGxZRF90Z2VabUw4X0p3Tk9ESW5nZ1dXQVZMVllSZ0lDQjAiLCJjeDhaeEhTbkNpSFVYZ3JzS2c4bHd5UHVic0Y0d2RpcUFjRTQtRlBGVlcwIiwiZDAySkZyenBSSThRY0M1TUdlU2VQR0NDUzhzWnQ3OVlXZ0g4R0h4OUhIbyIsInZEYVd3bDVqdi1HcUR5cGtDNkY1eU1aZHFkVElEbU5ORTB2ai1Wdno1VDgiXX0sInZjdCI6InVybjpldS5ldXJvcGEuZWMuZXVkaTpwaWQ6MSIsIl9zZF9hbGciOiJzaGEzLTI1NiIsImlzcyI6Imh0dHBzOi8vZGV2Lmlzc3Vlci1iYWNrZW5kLmV1ZGl3LmRldiIsImNuZiI6eyJqd2siOnsia3R5IjoiRUMiLCJ1c2UiOiJzaWciLCJjcnYiOiJQLTI1NiIsImtpZCI6IkRDMEM4RkY4LUEzQUQtNEUyNy1CMUY2LUE4Mjc2QjlCOEQwNiIsIngiOiJlcENjdzBTcnhlWkU0X2pOZTFEU0FyNVA3dTVydk1fU1dwZGExbVdWaEU4IiwieSI6ImxIaENSaEkyZm1VS2MxWDZVTUZqcXpydEVyY2wwd0FYcXJCdTBjZ0FJdVEiLCJhbGciOiJFUzI1NiJ9fSwiZXhwIjoxNzM5NTE2ODg3LCJpYXQiOjE3MzY5MjQ4ODcsImFnZV9lcXVhbF9vcl9vdmVyIjp7Il9zZCI6WyIxaWhKYUlGSk40ZkNNeTNkVmdkTklWeUdfZmRlYW9VdWFDS25TZEFaeWtVIl19fQ.fIssK5yvDqXSGSmeZbwYZ9TxFVZzq_5WUIlOlmz5xHDr5iWzOb9MQ6EdLsiAIObawFFi3d-kjDLaRxHgEzPJyA~WyJ2STZ5Rkk1TmZYZkxhb2RHd2o1RUpRIiwiZmFtaWx5X25hbWUiLCJOZWFsIl0~WyJUTHdYNm1CbDVQNEpFMDZaZDV3Y1FRIiwiZ2l2ZW5fbmFtZSIsIlR5bGVyIl0~WyJKbldhNWxxQ2Z5OXRnTWJvamkzczJnIiwiYmlydGhkYXRlIiwiMTk1NS0wNC0xMiJd~WyJSWnlKQmozOG9McWNldEl6QkdBN3lRIiwiMTgiLHRydWVd~WyI3SlZrVl9TUVI1Ykw2Z21vMERQb09RIiwiYWdlX2luX3llYXJzIiw3MF0~WyI2Mm1vckdscFU2YkI1NDRaRGRCVmVRIiwiYWdlX2JpcnRoX3llYXIiLCIxOTU1Il0~WyI0TDNzQUN4NWJXRWdVS204a1lsdU1BIiwiYmlydGhfZmFtaWx5X25hbWUiLCJOZWFsIl0~WyJuZkd0M3A1VHFQYTM1d0VLUUI2UXJ3IiwiYmlydGhfZ2l2ZW5fbmFtZSIsIlR5bGVyIl0~WyJfUTFwcUtVRUpxbnR3bHJZdWZaaFNnIiwibG9jYWxpdHkiLCIxMDEgVHJhdW5lciJd~WyJxRlJvYWNvWVItTXNxWmhmYVZ2QVV3IiwiY291bnRyeSIsIkFUIl0~WyJ6SXEwWkd2OWtHaVBwNXJiRjRVUXp3IiwiY291bnRyeSIsIkFUIl0~WyJWSGdwRHBzdWp0QnlMLUpmTEJLT3VnIiwicmVnaW9uIiwiTG93ZXIgQXVzdHJpYSJd~WyJLaFpPTkhHNmR2emMtdGV6M0NfTEVnIiwibG9jYWxpdHkiLCJHZW1laW5kZSBCaWJlcmJhY2giXQ~WyJvMnNLY0g2YktmZjBXaFpPQTY1MTNnIiwicG9zdGFsX2NvZGUiLCIzMzMxIl0~WyJUVVpVNmlHT2c1b1hfUEtXNEV6VlVBIiwic3RyZWV0X2FkZHJlc3MiLCJUcmF1bmVyIl0~WyJQdUpPNXIxUmxrZGpVWmZlazJWcGNnIiwiaG91c2VfbnVtYmVyIiwiMTAxICJd~WyJvVlYxWHk3WFlHRjlVN3ZtZlc0aDV3IiwiZ2VuZGVyIiwibWFsZSJd~WyJtSzBLNnM4OUVLYzBWWkJ4SUcxZWRnIiwibmF0aW9uYWxpdGllcyIsWyJBVCJdXQ~WyJqXzlmMzhFaUtlMGhKQ1hkbHhiZDlRIiwiaXNzdWluZ19hdXRob3JpdHkiLCJHUiBBZG1pbmlzdHJhdGl2ZSBhdXRob3JpdHkiXQ~WyJBZkN6SFlLZzYzakFwS3d6dTV0T1ZnIiwiZG9jdW1lbnRfbnVtYmVyIiwiOTcyMzM3OWUtMGU0Ni00MGUyLWIwNGItMDQyMWZkYzM0ZjRlIl0~WyJBOHNKeUUxRlRXcEQ1cVdmZkZ1VklnIiwiYWRtaW5pc3RyYXRpdmVfbnVtYmVyIiwiZTJiODdmMDgtYjdkYS00YmJjLWI0NjktZWQzMTA2OTg4ZTQzIl0~WyIwN2FQbWFsdldtc2VmVEFyVElRQnh3IiwiaXNzdWluZ19jb3VudHJ5IiwiR1IiXQ~WyJ6U1h6ejJseksxVVpab0w5Ql9PcVd3IiwiaXNzdWluZ19qdXJpc2RpY3Rpb24iLCJHUi1JIl0~ + """ } diff --git a/Tests/Verification/VcVerifierTest.swift b/Tests/Verification/VcVerifierTest.swift index e5a424e..4586934 100644 --- a/Tests/Verification/VcVerifierTest.swift +++ b/Tests/Verification/VcVerifierTest.swift @@ -47,6 +47,38 @@ final class VcVerifierTest: XCTestCase { XCTAssertNoThrow(try result.get()) } + func testVerifyIssuance_WithValidSDJWT_Withx509Header_PrimaryIssuer_ShouldSucceed() async throws { + + // Given + let sdJwtString = SDJWTConstants.primary_issuer_sd_jwt.clean() + + // When + let result = try await SDJWTVCVerifier( + trust: X509CertificateChainVerifier() + ).verifyIssuance( + unverifiedSdJwt: sdJwtString + ) + + // Then + XCTAssertNoThrow(try result.get()) + } + + func testVerifyIssuance_WithValidSDJWT_Withx509Header_SecondaryIssuer_ShouldSucceed() async throws { + + // Given + let sdJwtString = SDJWTConstants.secondary_issuer_sd_jwt.clean() + + // When + let result = try await SDJWTVCVerifier( + trust: X509CertificateChainVerifier() + ).verifyIssuance( + unverifiedSdJwt: sdJwtString + ) + + // Then + XCTAssertNoThrow(try result.get()) + } + func testVerifyIssuance_WithValidSDJWT_Withx509Header_AndConfiguration_ShouldSucceed() async throws { // Given diff --git a/Tests/Verification/VerifierTest.swift b/Tests/Verification/VerifierTest.swift index 3d71c27..9a167a0 100644 --- a/Tests/Verification/VerifierTest.swift +++ b/Tests/Verification/VerifierTest.swift @@ -24,6 +24,17 @@ import XCTest final class VerifierTest: XCTestCase { + func test_issuer_signed_jwt() throws { + + let recreatedClaimsResult = try CompactParser() + .getSignedSdJwt(serialisedString: SDJWTConstants.issuer_signed_sdjwt) + .recreateClaims() + + XCTAssertTrue(recreatedClaimsResult.recreatedClaims.exists()) + XCTAssertTrue(recreatedClaimsResult.digestsFoundOnPayload.count == 23) + + } + func testVerifierBehaviour_WhenPassedValidSignatures_ThenExpectToPassAllCriterias() throws { let pk = try JSONDecoder.jwt.decode(JWK.self, from: key.tryToData()) @@ -236,15 +247,16 @@ final class VerifierTest: XCTestCase { FlatDisclosedClaim("time", "time runs out or maybe not") } + let iat = Int(Date().timeIntervalSince1970.rounded()) for sdjwt in [iatJwt, expSdJwt, nbfSdJwt, nbfAndExpSdJwt] { let result = try SDJWTVerifier(sdJwt: sdjwt).verifyIssuance { jws in try SignatureVerifier(signedJWT: jws, publicKey: issuersKeyPair.public) } claimVerifier: { nbf, exp in ClaimsVerifier( - iat: Int(Date().timeIntervalSince1970.rounded()), + iat: iat, iatValidWindow: TimeRange( - startTime: Date(), - endTime: Date(timeIntervalSinceNow: 10) + startTime: Date(timeIntervalSinceNow: -3600), + endTime: Date(timeIntervalSinceNow: 3600) ), nbf: nbf, exp: exp