Package de.adorsys.sdjwt
Class SdJwtVerificationContext
- java.lang.Object
-
- de.adorsys.sdjwt.SdJwtVerificationContext
-
public class SdJwtVerificationContext extends Object
Runs SD-JWT verification in isolation with only essential properties.- Author:
- Ingrid Kamga
-
-
Constructor Summary
Constructors Constructor Description SdJwtVerificationContext(IssuerSignedJWT issuerSignedJwt, List<String> disclosureStrings)SdJwtVerificationContext(IssuerSignedJWT issuerSignedJwt, Map<String,String> disclosures)SdJwtVerificationContext(String sdJwtVpString, IssuerSignedJWT issuerSignedJwt, Map<String,String> disclosures, KeyBindingJWT keyBindingJwt)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidverifyIssuance(IssuerSignedJwtVerificationOpts issuerSignedJwtVerificationOpts)Verifies SD-JWT as to whether the Issuer-signed JWT's signature and disclosures are valid.voidverifyPresentation(IssuerSignedJwtVerificationOpts issuerSignedJwtVerificationOpts, KeyBindingJwtVerificationOpts keyBindingJwtVerificationOpts)Verifies SD-JWT presentation.
-
-
-
Constructor Detail
-
SdJwtVerificationContext
public SdJwtVerificationContext(String sdJwtVpString, IssuerSignedJWT issuerSignedJwt, Map<String,String> disclosures, KeyBindingJWT keyBindingJwt)
-
SdJwtVerificationContext
public SdJwtVerificationContext(IssuerSignedJWT issuerSignedJwt, Map<String,String> disclosures)
-
SdJwtVerificationContext
public SdJwtVerificationContext(IssuerSignedJWT issuerSignedJwt, List<String> disclosureStrings)
-
-
Method Detail
-
verifyIssuance
public void verifyIssuance(IssuerSignedJwtVerificationOpts issuerSignedJwtVerificationOpts) throws SdJwtVerificationException
Verifies SD-JWT as to whether the Issuer-signed JWT's signature and disclosures are valid.Upon receiving an SD-JWT, a Holder or a Verifier needs to ensure that:
- the Issuer-signed JWT is valid, i.e., it is signed by the Issuer and the signature is valid, and - all Disclosures are valid and correspond to a respective digest value in the Issuer-signed JWT (directly in the payload or recursively included in the contents of other Disclosures).- Parameters:
issuerSignedJwtVerificationOpts- Options to parametize the Issuer-Signed JWT verification. A verifier must be specified for validating the Issuer-signed JWT. The caller is responsible for establishing trust in that associated public keys belong to the intended issuer.- Throws:
SdJwtVerificationException- if verification failed
-
verifyPresentation
public void verifyPresentation(IssuerSignedJwtVerificationOpts issuerSignedJwtVerificationOpts, KeyBindingJwtVerificationOpts keyBindingJwtVerificationOpts) throws SdJwtVerificationException
Verifies SD-JWT presentation.Upon receiving a Presentation, in addition to the checks in
verifyIssuance(de.adorsys.sdjwt.IssuerSignedJwtVerificationOpts), Verifiers need to ensure that if Key Binding is required, the Key Binding JWT is signed by the Holder and valid.- Parameters:
issuerSignedJwtVerificationOpts- Options to parametize the Issuer-Signed JWT verification. A verifier must be specified for validating the Issuer-signed JWT. The caller is responsible for establishing trust in that associated public keys belong to the intended issuer.keyBindingJwtVerificationOpts- Options to parametize the Key Binding JWT verification. Must, among others, specify the Verify's policy whether to check Key Binding.- Throws:
SdJwtVerificationException- if verification failed
-
-