Failed JSON-LD normalization about cert-verifier-js HOT 8 CLOSED

Hey,

thanks for bringing that up. This is strange, the recent changes shouldn't have affected the verification process (and all the automated tests are still passing and they have a publicKey too in the document).

The content of the publicKey does not matter in terms of jsonld normalization so we can rule that out.

Would you be able to share the whole document so I can take a look and debug? If there is sensitive information you can redact it, we should be getting the next error which is about hashes not matching.

Thanks

from cert-verifier-js.

I have a hunch it could be coming from the jsonld library update, but I need to see the structure of your document to confirm. Are you adding anything custom to the document?

from cert-verifier-js.

Hi here the 2 files the original one and the modified version
https://drive.google.com/drive/folders/13irbZTbMSQLQ6vJw0LaEx-pbshK9XrE5?usp=sharing

the old one works like a charm with the 1.56.0 version or before I tested by myself

the modified worked with all the versions including the lastest one 1.57.2

from cert-verifier-js.

ok so I'm transferring this issue to this repo because it's the package.

This is indeed an issue related to jsonld safe mode, which was introduced with a recent update.
However we can't really consider this a bug on the verifier side, as it is conforming to a safer jsonld parser. There is likely an issue with your model and I'm trying to pinpoint it.

from cert-verifier-js.

The quick error fix is the format of the public key:

ecdsa-koblitz-pubkey0x8Ad1fC3f16795Ab926BD3CHANGEDFORSECURITY

if it is referenced as

ecdsa-koblitz-pubkey:0x8Ad1fC3f16795Ab926BD3CHANGEDFORSECURITY

Then the issue does not appear.

So I don't exactly know at this point why jsonld needs the colon, but may I ask if that's a typo, or if not, why do you drop the colon? Other public keys expect the colon and you actually do that with the other key:

ecdsa-koblitz-pubkey:[email protected]

from cert-verifier-js.

Thanks for your answer and your help appreciate it 🙏🙏🙏
The point is that it was working before the update without the colon that is strange.
Adding the column again implies reissue the credentials but it will be fine for us, the most important thing was that we were able to find a solution.

About the other point, you are alright I dont know why we missed the other colon... We will make sure doesnt happen again.

from cert-verifier-js.

The point is that it was working before the update without the colon that is strange.

We moved from jsonld@5 to jsonld@8 and this version introduced a safe mode that checks this sort of errors. This is the value that normalization is yielding without the colon on a jsonld playground (https://fhircat.org/jsonld/playground/):

<https://w3id.org/security#publicKey> <https://fhircat.org/jsonld/playground/ecdsa-koblitz-pubkey0x7B2E3cf80C7C9ECf878427e42059A6a306AEF244> .

And this is the normalized version with the colon:
_:c14n5 <https://w3id.org/security#publicKey> <ecdsa-koblitz-pubkey:0x7B2E3cf80C7C9ECf878427e42059A6a306AEF244> .

As you can see, in the first case it's using the URL of the testing website, which means it's a relative reference because it does not know how to bind it correctly.

I'm by no means a jsonld expert so I can't tell you more about the internals, but I've had to debug such issues before.

from cert-verifier-js.

Thank you so much for the additional information bro Im going to close the issue for now... By the way I invite you to follow me https://twitter.com/dannysuarez . All the best!!!!!

from cert-verifier-js.