diff --git a/src/verifiers/documentStatus/didSigned/didSignedDocumentStatus.ts b/src/verifiers/documentStatus/didSigned/didSignedDocumentStatus.ts index 284af98..4ca2a6c 100644 --- a/src/verifiers/documentStatus/didSigned/didSignedDocumentStatus.ts +++ b/src/verifiers/documentStatus/didSigned/didSignedDocumentStatus.ts @@ -341,7 +341,7 @@ const verifyV3 = async ( }; const verifyV4 = async ( - document: SignedWrappedDocument, + document: v4.SignedWrappedDocument, options: VerifierOptions ): Promise< OpenAttestationDidSignedDocumentStatusValidFragmentV4 | OpenAttestationDidSignedDocumentStatusInvalidFragmentV4 @@ -359,25 +359,21 @@ const verifyV4 = async ( }) ); - if (!document.credentialStatus?.credentialStatusType) { - throw new CodedError( - "credentialStatus (revocation) block not found for an issuer", - OpenAttestationDidSignedDocumentStatusCode.MISSING_REVOCATION, - "MISSING_REVOCATION" - ); - } - const issuedOnAll = verificationResult.issued; const getRevocationStatus = async ( - docType: v4.CredentialStatusType, - location: string | undefined + credentialStatus: v4.OpenAttestationDocument["credentialStatus"] ): Promise => { - switch (docType) { - case v4.CredentialStatusType.RevocationStore: - if (typeof location === "string") { + // No revocation type specified (i.e. an unrevocable document) + if (!credentialStatus) { + return { revoked: false }; + } + + switch (credentialStatus.type) { + case "OpenAttestationRevocationStore": + if (typeof credentialStatus.id === "string") { return isRevokedOnDocumentStore({ - documentStore: location, + documentStore: credentialStatus.id, merkleRoot, targetHash, proofs, @@ -389,13 +385,13 @@ const verifyV4 = async ( OpenAttestationDidSignedDocumentStatusCode.REVOCATION_LOCATION_MISSING, "REVOCATION_LOCATION_MISSING" ); - case v4.CredentialStatusType.OcspResponder: - if (typeof location === "string") { + case "OpenAttestationOcspResponder": + if (typeof credentialStatus.id === "string") { return isRevokedByOcspResponder({ merkleRoot, targetHash, proofs, - location, + location: credentialStatus.id, }); } throw new CodedError( @@ -403,21 +399,16 @@ const verifyV4 = async ( OpenAttestationDidSignedDocumentStatusCode.REVOCATION_LOCATION_MISSING, "REVOCATION_LOCATION_MISSING" ); - case v4.CredentialStatusType.None: - return { revoked: false }; default: throw new CodedError( - "revocation type not found for an issuer", + "unknown revocation type", OpenAttestationDidSignedDocumentStatusCode.UNRECOGNIZED_REVOCATION_TYPE, "UNRECOGNIZED_REVOCATION_TYPE" ); } }; - const revocationStatus = await getRevocationStatus( - document.credentialStatus.credentialStatusType, - document.credentialStatus.location - ); + const revocationStatus = await getRevocationStatus(document.credentialStatus); const revokedOnAny = revocationStatus.revoked; diff --git a/src/verifiers/issuerIdentity/dnsDid/dnsDidProof.ts b/src/verifiers/issuerIdentity/dnsDid/dnsDidProof.ts index cbfe366..70b9398 100644 --- a/src/verifiers/issuerIdentity/dnsDid/dnsDidProof.ts +++ b/src/verifiers/issuerIdentity/dnsDid/dnsDidProof.ts @@ -35,7 +35,7 @@ const test: VerifierType["test"] = (document) => { } else if (utils.isSignedWrappedV3Document(document)) { return document.openAttestationMetadata.identityProof.type === v3.IdentityProofType.DNSDid; } else if (utils.isWrappedV4Document(document)) { - return document.issuer.identityProof.identityProofType === v4.IdentityProofType.DNSDid; + return document.issuer.identityProof.identityProofType === "DNS-DID"; } return false; }; @@ -185,7 +185,7 @@ const verify: VerifierType["verify"] = async (document) => { else if (utils.isSignedWrappedV3Document(document)) return verifyV3(document); else if (utils.isSignedWrappedV4Document(document)) return verifyV4(document); throw new CodedError( - "Document does not match either v2 or v3 formats. Consider using `utils.diagnose` from open-attestation to find out more.", + "Document does not match either v2, v3 or v4 formats. Consider using `utils.diagnose` from open-attestation to find out more.", OpenAttestationDnsDidCode.UNRECOGNIZED_DOCUMENT, OpenAttestationDnsDidCode[OpenAttestationDnsDidCode.UNRECOGNIZED_DOCUMENT] );