New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@arcblock/vc
Advanced tools
@arcblock/vc - npm Package Compare versions
Comparing version 1.1.4 to 1.2.2
@@ -13,3 +13,3 @@ /** | ||
| const { toTypeInfo, isValid, isFromPublicKey, fromPublicKeyHash } = require('@arcblock/did'); | ||
| const { toBase58, toBase64, fromBase64 } = require('@arcblock/forge-util'); | ||
| const { toBase58, toBase64, fromBase64, fromBase58 } = require('@arcblock/forge-util'); | ||
@@ -169,5 +169,43 @@ // eslint-disable-next-line | ||
| /** | ||
| * Verify that the Presentation is valid | ||
| * - It is signed by VC's owner | ||
| * - It contain chanllege | ||
| * - It has valid signature by the issuer | ||
| * - It is not expired | ||
| * | ||
| * @param {object} presentation - the presentation object | ||
| * @param {Array} trustedIssuers - list of issuer did | ||
| * @param {String} challenge - Random byte you want | ||
| * @throws {Error} | ||
| * @returns {boolean} | ||
| */ | ||
| function verifyPresentation({ presentation, trustedIssuers, challenge }) { | ||
| if (!presentation.challenge || challenge !== presentation.challenge) { | ||
| throw Error('unsafe response'); | ||
| } | ||
| const vcArray = Array.isArray(presentation.verifiableCredential) | ||
| ? presentation.verifiableCredential | ||
| : [presentation.verifiableCredential]; | ||
| const proofArray = Array.isArray(presentation.proof) ? presentation.proof : [presentation.proof]; | ||
| const clone = cloneDeep(presentation); | ||
| delete clone.proof; | ||
| vcArray.forEach(vcString => { | ||
| const vc = JSON.parse(vcString); | ||
| const proof = proofArray.find(tmpProof => isFromPublicKey(vc.credentialSubject.id, tmpProof.pk)); | ||
| if (!proof) throw Error('VC cannot be proof'); | ||
| const signature = proof.jws; | ||
| const recipience = fromPublicKey(fromBase58(proof.pk), toTypeInfo(vc.credentialSubject.id)); | ||
| if (recipience.verify(stringify(clone), fromBase64(signature)) !== true) { | ||
| throw Error('presentation signature not valid'); | ||
| } | ||
| verify({ vc, ownerDid: vc.credentialSubject.id, trustedIssuers }); | ||
| }); | ||
| return true; | ||
| } | ||
| module.exports = { | ||
| create, | ||
| verify, | ||
| verifyPresentation, | ||
| }; |
| { | ||
| "name": "@arcblock/vc", | ||
| "version": "1.1.4", | ||
| "version": "1.2.2", | ||
| "description": "Javascript lib to work with ArcBlock Verifiable Credentials", | ||
@@ -58,3 +58,3 @@ "keywords": [ | ||
| }, | ||
| "gitHead": "d9ffc9a387ed62986049871c7f3210c02bda7169" | ||
| "gitHead": "0644561ed13b9e270b375f082acfddd0ae443e9c" | ||
| } |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by15.09%
11484
- Lines of code
- increased by19.58%
226
No dependency changes