Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid kid header value when we create presentation as JWT #304

Open
nitin-vavdiya opened this issue May 8, 2024 · 0 comments
Open

Invalid kid header value when we create presentation as JWT #304

nitin-vavdiya opened this issue May 8, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@nitin-vavdiya
Copy link
Contributor

Current Behavior

When we create a presentation as JWT using api/presentations/iatp?asJwt=true and api/presentations?asJwt=true, the generated JWT token has an invalid kid header value

ie:

Did document:

{
    "@context":
    [
        "https://www.w3.org/ns/did/v1",
        "https://w3c.github.io/vc-jws-2020/contexts/v1"
    ],
    "id": "did:web:3bdf-203-129-213-107.ngrok-free.app:BPNL000000000000",
    "verificationMethod":
    [
        {
            "publicKeyJwk":
            {
                "x": "2IU_u50oEO1ym0ZELQPKtYzJA6UJ_J11cpnoFxxFsNM",
                "crv": "Ed25519",
                "kty": "OKP"
            },
            "controller": "did:web:3bdf-203-129-213-107.ngrok-free.app:BPNL000000000000",
            "id": "did:web:3bdf-203-129-213-107.ngrok-free.app:BPNL000000000000#b879cfac-7e51-45c1-97fa-3db84db10e44",
            "type": "JsonWebKey2020"
        },
        {
            "publicKeyJwk":
            {
                "kty": "EC",
                "x": "hZvJ0heaxQxeeBXlSuC-4IPx_UFGeOL5UEYLzLdzfIQ",
                "y": "EufmJauadvvkKl7lB7HkzzF9AIVLx4qN9Ih5yf-7eLc",
                "crv": "secp256k1"
            },
            "controller": "did:web:3bdf-203-129-213-107.ngrok-free.app:BPNL000000000000",
            "id": "did:web:3bdf-203-129-213-107.ngrok-free.app:BPNL000000000000#1b4c2d5b-479b-4a19-834a-fecd42c3d60b",
            "type": "JsonWebKey2020"
        }
    ]
}

The header of JWT:

{
 "kid": "did:web:3bdf-203-129-213-107.ngrok-free.app:BPNL000000000000",
 "typ": "JWT",
 "alg": "ES256K"
}

Here kid is just the did of the issuer without any specific key ID.

Here it should be did:web:3bdf-203-129-213-107.ngrok-free.app:BPNL000000000000#1b4c2d5b-479b-4a19-834a-fecd42c3d60b as kid

Expected Behavior

Value of kid value must contain issuer#keyId

Steps To Reproduce

  1. Create Wallet
  2. Create an STS token
  3. Create presentation as JWT using api/presentations/iatp?asJwt=true POST API
  4. Verify kid value of JWT
  5. Create presentation as JWT using api/presentations?asJwt=true POST API
  6. Verify kid value of JWT

For IATP, it can be fixed in MIW application
For VP as JWT, the SSI lib version 0.0.18 does not support creating/signing JWT with keyId, we need to upgrade SSI lib version first.

We can plan this task once we after merging #284

Related to #303
@nitin-vavdiya nitin-vavdiya added the bug Something isn't working label May 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@nitin-vavdiya