Skip to content

Commit

Permalink
docs: add draft for an IATP Test Plan (#41)
Browse files Browse the repository at this point in the history 
* docs: add draft for an IATP Test Plan

* moved into subfolder

* added verifier tests

* added credentialservice tests

* renamed to base_tests
  • Loading branch information
@paullatzelsperger
paullatzelsperger authored Dec 6, 2023
1 parent 9fda8d2 commit 587eb3f
Show file tree
Hide file tree
Showing 12 changed files with 615 additions and 0 deletions.
202 changes: 202 additions & 0 deletions specifications/testing/base_tests.md
View file

Large diffs are not rendered by default.

48 changes: 48 additions & 0 deletions specifications/testing/credentialservice.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
# Verifying SI Tokens in the CredentialService

In a typical scenario involving IATP, there is one party that wants to prove certain claims about themselves, and there
is one party that wants to verify those claims. Topologically the CredentialService belongs to the "proving" party.

This document deals with tests for the CredentialService.

## Test setup

The system-under-test, i.e. the execution runtime of the CredentialService, is regarded as a black box, exposing only
the
Resolution API. The test harness then executes REST requests against that API and performs test assertions. It may be
necessary for the test harness to interact with the system-under-test, e.g. to obtain valid `presentation_access_tokens`
or to prepare a specific (set of) VCs.

## Verifying/Validating incoming SI Token requests

_This test sequence handles only negative cases, where self-issued ID tokens (created by a supposed verifier) are
rejected by the CredentialService. Consequently, the test harness stops the test once a rejection response was received,
or a reasonable time has passed. Cases, where the correctness and validity of the generated VPs is asserted are handled
below._

| Number | Name | Description |
|--------|---------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| P_0001 | Request body invalid | The request body of the `/presentation/query` endpoint is invalid, e.g. it contains both a `scope` _and_ a `presentationDefinition` object, or it cannot be deserialized. |
| P_0002 | No `Authorization` header present | The request does not have an `Authorization` header (i.e. no token is present) |
| P_0003 | Signature invalid | The signature of the JWT can not be verified using the public key from the counterparty. |
| P_0004 | `sub_jwk` must not be present | The JWT contains a `sub_jwk` claim |
| P_0005 | `jti` already used | The same `jti` claim value was used twice within the token's expiry time |
| P_0006 | `presentation_access_token` must be present | The JWT must contain a `presentation_access_token` claim, the shape of which is opaque |
| P_0007 | `client_id` must be present | The JWT must contain a `client_id` claim, that must be identical to the sender's participant ID |
| P_0008 | Issuer's scope not valid | The `presentation_access_token` cannot be resolved to a valid scope. That means, the scope string that is encoded in the token is invalid or is not understood. |
| P_0009 | Requestor's query not valid | The `scope` or `presentationDefinition` object of the presentation query cannot be parsed to valid scope string. |
| P_0010 | Requestor's query is unauthorized | The requestor is not authorized for at least one item specified by the query. In practice, this could be a scope string that is "too wide" |

## Verifying/Validating the created VP

_This test sequence deals with ensuring, that all VPs created by the CredentialService are structurally and
cryptographically intact. For basic cryptographic checks please also refer to
the [VC/VP verification section](./base_tests#verifying-ldp-vc--ldp-vp)_

| Number | Name | Description |
|--------|--------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| P_0011 | LDP-VP contains single LDP-VC | The LDP-VP contains a single LDP-VC. |
| P_0012 | LDP-VP contains multiple LDP-VC | The LDP-VP contains an array of LDP-VCs |
| P_0013 | JWT-VP contains single JWT-VC | A JWT-VP contains a single JWT-VC. |
| P_0014 | JWT-VP contains multiple mixed VC | A JWT-VP contains a mixtures of JWT-VCs and LDP-VCs (at least one each). |
| P_0015 | JWT-VCs are wrapped in a separate VP | An LDP-VP cannot contain JWT-VCs, they would get stripped out during JSON-LD expansion. Therefor if the desired format is `ldp-vp`, the CredentialService must return a second VP, formatted as JWT, that contains all JWT-VCs |
28 changes: 28 additions & 0 deletions specifications/testing/sample_input_verification/v-t_0001_valid_vc_linked_proof.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
{
"issuanceDate": "2023-06-12T13:13:30Z",
"credentialSubject": {
"bpn": "BPNL000000000000",
"id": "did:web:localhost:BPNL000000000000",
"type": "https://org.eclipse.tractusx/businessPartnerData#BpnCredential"
},
"id": "https://org.eclipse.tractusx/testcases/t0001",
"type": [
"VerifiableCredential",
"BpnCredential"
],
"issuer": "did:web:localhost:BPNL000000000000",
"expirationDate": "2024-12-31T23:00:00Z",
"proof": {
"type": "JsonWebSignature2020",
"created": "2022-12-31T23:00:00Z",
"proofPurpose": "assertionMethod",
"verificationMethod": "https://org.eclipse.tractusx/verification-method",
"jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzM4NCJ9..dbi6LFkdeBeCz3sHaxRRFVJC2_rF8Z_oYqaoNOpYtzQh61WP78pK7nKT53WsE-7uiBUMamLA8vEGJpFQ3h4MXDi2OKh1YDpphS_pwyDkqYbsguMs2KYqPxe8t1OC2G1o"
},
"@context": [
"https://www.w3.org/ns/did/v1",
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/security/suites/jws-2020/v1"
]
}

37 changes: 37 additions & 0 deletions specifications/testing/sample_input_verification/v-t_0002_valid_vc_embedded_proof.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
{
"issuanceDate": "2023-06-12T13:13:30Z",
"credentialSubject": {
"bpn": "BPNL000000000000",
"id": "did:web:localhost:BPNL000000000000",
"type": "BpnCredential"
},
"id": "7f6c11b4-d2b9-43c3-8411-53f6089b5d2b",
"type": [
"VerifiableCredential",
"BpnCredential"
],
"issuer": "did:web:localhost:BPNL000000000000",
"expirationDate": "2024-12-31T23:00:00Z",
"proof": {
"type": "JsonWebSignature2020",
"created": "2022-12-31T23:00:00Z",
"proofPurpose": "assertionMethod",
"verificationMethod": {
"type": "JsonWebKey2020",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-384",
"x": "eQbMauiHc9HuiqXT894gW5XTCrOpeY8cjLXAckfRtdVBLzVHKaiXAAxBFeVrSB75",
"y": "YOjxhMkdH9QnNmGCGuGXJrjAtk8CQ1kTmEEi9cg2R9ge-zh8SFT1Xu6awoUjK5Bv"
},
"id": "https://org.eclipse.tractusx/keys/68c7189c-b849-4f85-b27d-c796c7cf29ed"
},
"jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzM4NCJ9..0ueANOomarONwEL2Y0QnCFjgOdgPjI8kL2Wk4QWh8SJjvVTR80ASVh7bi8HlQp6dUigP3r509oMQkXB6TEddi0D8oQc2Lv0uWxl7yxPInBcfIsWmQrFBTb4mCSU_MJwE"
},
"@context": [
"https://org.eclipse.tractusx/businessPartnerData",
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/security/suites/jws-2020/v1",
"https://www.w3.org/ns/did/v1"
]
}
37 changes: 37 additions & 0 deletions specifications/testing/sample_input_verification/v-t_0003.a_vc_embedded_forged_claim.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
{
"issuanceDate": "2023-06-12T13:13:30Z",
"credentialSubject": {
"bpn": "BPNL00000000invalid",
"id": "did:web:localhost:BPNL000000000000",
"type": "BpnCredential"
},
"id": "7f6c11b4-d2b9-43c3-8411-53f6089b5d2b",
"type": [
"VerifiableCredential",
"BpnCredentialCX"
],
"issuer": "did:web:localhost:BPNL000000000000",
"expirationDate": "2024-12-31T23:00:00Z",
"proof": {
"type": "JsonWebSignature2020",
"created": "2022-12-31T23:00:00Z",
"proofPurpose": "assertionMethod",
"verificationMethod": {
"type": "JsonWebKey2020",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-384",
"x": "eQbMauiHc9HuiqXT894gW5XTCrOpeY8cjLXAckfRtdVBLzVHKaiXAAxBFeVrSB75",
"y": "YOjxhMkdH9QnNmGCGuGXJrjAtk8CQ1kTmEEi9cg2R9ge-zh8SFT1Xu6awoUjK5Bv"
},
"id": "https://org.eclipse.tractusx/keys/68c7189c-b849-4f85-b27d-c796c7cf29ed"
},
"jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzM4NCJ9..0ueANOomarONwEL2Y0QnCFjgOdgPjI8kL2Wk4QWh8SJjvVTR80ASVh7bi8HlQp6dUigP3r509oMQkXB6TEddi0D8oQc2Lv0uWxl7yxPInBcfIsWmQrFBTb4mCSU_MJwE"
},
"@context": [
"https://org.eclipse.tractusx/businessPartnerData.json",
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/security/suites/jws-2020/v1",
"https://www.w3.org/ns/did/v1"
]
}
36 changes: 36 additions & 0 deletions ...s/testing/sample_input_verification/v-t_0003.b_vc_embedded_altered_credentialsubject.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
{
"issuanceDate": "2023-06-12T13:13:30Z",
"credentialSubject": {
"id": "did:web:localhost:BPNL000000000000",
"type": "BpnCredential"
},
"id": "7f6c11b4-d2b9-43c3-8411-53f6089b5d2b",
"type": [
"VerifiableCredential",
"BpnCredential"
],
"issuer": "did:web:localhost:BPNL000000000000",
"expirationDate": "2024-12-31T23:00:00Z",
"proof": {
"type": "JsonWebSignature2020",
"created": "2022-12-31T23:00:00Z",
"proofPurpose": "assertionMethod",
"verificationMethod": {
"type": "JsonWebKey2020",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-384",
"x": "eQbMauiHc9HuiqXT894gW5XTCrOpeY8cjLXAckfRtdVBLzVHKaiXAAxBFeVrSB75",
"y": "YOjxhMkdH9QnNmGCGuGXJrjAtk8CQ1kTmEEi9cg2R9ge-zh8SFT1Xu6awoUjK5Bv"
},
"id": "https://org.eclipse.tractusx/keys/68c7189c-b849-4f85-b27d-c796c7cf29ed"
},
"jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzM4NCJ9..0ueANOomarONwEL2Y0QnCFjgOdgPjI8kL2Wk4QWh8SJjvVTR80ASVh7bi8HlQp6dUigP3r509oMQkXB6TEddi0D8oQc2Lv0uWxl7yxPInBcfIsWmQrFBTb4mCSU_MJwE"
},
"@context": [
"https://org.eclipse.tractusx/businessPartnerData",
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/security/suites/jws-2020/v1",
"https://www.w3.org/ns/did/v1"
]
}
37 changes: 37 additions & 0 deletions specifications/testing/sample_input_verification/v-t_0003.c_vc_embedded_altered_claim.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
{
"issuanceDate": "2023-06-12T13:13:30Z",
"credentialSubject": {
"bpn": "BPNL000000000000",
"id": "did:web:localhost:BPNL000000000000",
"type": "BpnCredential"
},
"id": "7f6c11b4-d2b9-43c3-8411-53f6089b5d2b",
"type": [
"VerifiableCredential",
"BpnCredential"
],
"issuer": "did:web:localhost:BPNL000000000000",
"expirationDate": "2024-12-31T23:00:00Z",
"proof": {
"type": "JsonWebSignature2020",
"created": "2022-12-31T23:00:00Z",
"proofPurpose": "assertionMethod",
"verificationMethod": {
"type": "JsonWebKey2020",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-384",
"x": "eQbMauiHc9HuiqXT894gW5XTCrOpeY8cjLXAckfRtdVBLzVHKaiXAAxBFeVrSB75",
"y": "YOjxhMkdH9QnNmGCGuGXJrjAtk8CQ1kTmEEi9cg2R9ge-zh8SFT1Xu6awoUjK5Bv"
},
"id": "https://org.eclipse.tractusx/keys/68c7189c-b849-4f85-b27d-c796c7cf29ed"
},
"jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzM4NCJ9..0ueANOomarONwEL2Y0QnCFjgOdgPjI8kL2Wk4QWh8SJjvVTR80ASVh7bi8HlQp6dUigP3r509oMQkXB6TEddi0D8oQc2Lv0uWxl7yxPInBcfIsWmQrFBTb4mCSU_MJwE"
},
"@context": [
"https://org.eclipse.tractusx/businessPartnerData",
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/security/suites/jws-2020/v1",
"https://www.w3.org/ns/did/v1"
]
}
36 changes: 36 additions & 0 deletions specifications/testing/sample_input_verification/v-t_0004.a_vc_embedded_forged_proof.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
{
"issuanceDate": "2023-06-12T13:13:30Z",
"credentialSubject": {
"bpn": "BPNL000000000000",
"id": "did:web:localhost:BPNL000000000000",
"type": "BpnCredential"
},
"id": "7f6c11b4-d2b9-43c3-8411-53f6089b5d2b",
"type": [
"VerifiableCredential",
"BpnCredential"
],
"issuer": "did:web:localhost:BPNL000000000000",
"expirationDate": "2024-12-31T23:00:00Z",
"proof": {
"type": "JsonWebSignature2020",
"created": "2022-12-31T23:00:00Z",
"proofPurpose": "assertionMethod",
"verificationMethod": {
"type": "JsonWebKey2020",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-384",
"x": "eQbMauiHc9HuiqXT894gW5XTCrOpeY8cjLXAckfRtdVBLzVHKaiXAAxBFeVrSB75",
"y": "YOjxhMkdH9QnNmGCGuGXJrjAtk8CQ1kTmEEi9cg2R9ge-zh8SFT1Xu6awoUjK5Bv"
},
"id": "https://org.eclipse.tractusx/keys/68c7189c-b849-4f85-b27d-c796c7cf29ed"
},
"jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzM4NCJ9..xJWgUGQLLeC6XqZKXfkboY49NJeKW7GCOvqvXsP2iCXijMQVwz3yjCEf_4Hs3xLJZqz7_ZVYOEGeg5k2UMctVQ_uwsrPZ6w72jq4pMaNAlUIEeRDLYVUSl6v2FoeZftt"
},
"@context": [
"https://org.eclipse.tractusx/businessPartnerData",
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/security/suites/jws-2020/v1"
]
}
37 changes: 37 additions & 0 deletions specifications/testing/sample_input_verification/v-t_0004.b_vc_embedded_invalid_proof.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
{
"issuanceDate": "2023-06-12T13:13:30Z",
"credentialSubject": {
"bpn": "BPNL000000000000",
"id": "did:web:localhost:BPNL000000000000",
"type": "BpnCredential"
},
"id": "7f6c11b4-d2b9-43c3-8411-53f6089b5d2b",
"type": [
"VerifiableCredential",
"BpnCredential"
],
"issuer": "did:web:localhost:BPNL000000000000",
"expirationDate": "2024-12-31T23:00:00Z",
"proof": {
"type": "JsonWebSignature2020",
"created": "2022-12-31T23:00:00Z",
"proofPurpose": "assertionMethod",
"verificationMethod": {
"type": "JsonWebKey2020",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-384",
"x": "eQbMXXXHc9HuiqXT894gW5XTCrOpeY8cjLXAckfRtdVBLzVHKaiXAAxBFeVrSB75",
"y": "YOjxhMkdH9QnNmGCGuGXJrjAtk8CQ1kTmEEi9cg2R9ge-zh8SFT1Xu6awoUjK5Bv"
},
"id": "https://org.eclipse.tractusx/keys/68c7189c-b849-4f85-b27d-c796c7cf29ed"
},
"jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzM4NCJ9..0ueANOomarONwEL2Y0QnCFjgOdgPjI8kL2Wk4QWh8SJjvVTR80ASVh7bi8HlQp6dUigP3r509oMQkXB6TEddi0D8oQc2Lv0uWxl7yxPInBcfIsWmQrFBTb4mCSU_MJwE"
},
"@context": [
"https://org.eclipse.tractusx/businessPartnerData",
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/security/suites/jws-2020/v1",
"https://www.w3.org/ns/did/v1"
]
}
37 changes: 37 additions & 0 deletions specifications/testing/sample_input_verification/v-t_0005_vc_canonicalization.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
{
"issuanceDate": "2023-06-12T13:13:30Z",
"id": "7f6c11b4-d2b9-43c3-8411-53f6089b5d2b",
"type": [
"VerifiableCredential",
"BpnCredential"
],
"expirationDate": "2024-12-31T23:00:00Z",
"issuer": "did:web:localhost:BPNL000000000000",
"proof": {
"type": "JsonWebSignature2020",
"created": "2022-12-31T23:00:00Z",
"proofPurpose": "assertionMethod",
"jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzM4NCJ9..0ueANOomarONwEL2Y0QnCFjgOdgPjI8kL2Wk4QWh8SJjvVTR80ASVh7bi8HlQp6dUigP3r509oMQkXB6TEddi0D8oQc2Lv0uWxl7yxPInBcfIsWmQrFBTb4mCSU_MJwE",
"verificationMethod": {
"type": "JsonWebKey2020",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-384",
"x": "eQbMauiHc9HuiqXT894gW5XTCrOpeY8cjLXAckfRtdVBLzVHKaiXAAxBFeVrSB75",
"y": "YOjxhMkdH9QnNmGCGuGXJrjAtk8CQ1kTmEEi9cg2R9ge-zh8SFT1Xu6awoUjK5Bv"
},
"id": "https://org.eclipse.tractusx/keys/68c7189c-b849-4f85-b27d-c796c7cf29ed"
}
},
"credentialSubject": {
"bpn": "BPNL000000000000",
"id": "did:web:localhost:BPNL000000000000",
"type": "BpnCredential"
},
"@context": [
"https://org.eclipse.tractusx/businessPartnerData",
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/security/suites/jws-2020/v1",
"https://www.w3.org/ns/did/v1"
]
}
39 changes: 39 additions & 0 deletions specifications/testing/sample_input_verification/v-t_0010_vp_compacted.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
{
"id": "urn:uuid:3978344f-8596-4c3a-a978-8fcaba3903c5",
"type": "VerifiablePresentation",
"verifiableCredential": {
"issuanceDate": "2023-06-12T13:13:30Z",
"credentialSubject": {
"http://schema.org/identifier": "BPNL000000000000",
"id": "did:web:localhost:BPNL000000000000",
"type": "https://org.eclipse.tractusx/businessPartnerData#BpnCredential"
},
"id": "https://org.eclipse.tractusx/testcases/t0001",
"type": [
"VerifiableCredential",
"BpnCredential"
],
"issuer": "did:web:localhost:BPNL000000000000",
"expirationDate": "2024-12-31T23:00:00Z",
"sec:proof": {
"type": "JsonWebSignature2020",
"created": "2022-12-31T23:00:00Z",
"proofPurpose": "assertionMethod",
"verificationMethod": "https://org.eclipse.tractusx/verification-method",
"jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzM4NCJ9..dbi6LFkdeBeCz3sHaxRRFVJC2_rF8Z_oYqaoNOpYtzQh61WP78pK7nKT53WsE-7uiBUMamLA8vEGJpFQ3h4MXDi2OKh1YDpphS_pwyDkqYbsguMs2KYqPxe8t1OC2G1o"
}
},
"proof": {
"type": "JsonWebSignature2020",
"created": "2022-12-31T23:00:00Z",
"proofPurpose": "assertionMethod",
"verificationMethod": "https://org.eclipse.tractusx/verification-method",
"jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzM4NCJ9..qVCNVL_jxQdqa509KPTjRERopJiRtW1CqctVD_uGtUlCNF9oM2eB1L821YvjW0VjZjP6XdS5bLfQpG3azg9Hm8-L4vFBiH8HgEdVllHVcmO1odG-2GQAnhdP6Kdg42Wh"
},
"@context": [
"https://www.w3.org/ns/did/v1",
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/security/suites/jws-2020/v1",
"https://www.w3.org/ns/did/v1"
]
}
Loading

0 comments on commit 587eb3f

Please sign in to comment.